Fatal编程技术网
  • puppet/
  • Puppet 5中的循环导致重复声明错误

Puppet 5中的循环导致重复声明错误

puppet

Puppet 5中的循环导致重复声明错误,puppet,Puppet,请请求一些帮助 要求是创建自定义防火墙服务,然后只允许将此自定义防火墙服务用于选定的IP(此处尝试使用firewall D_rich_规则) 以下是示例代码: class foo::fwall ( $sourceip = undef, ) { include firewalld if $sourceip { $sourceip.each |String $ipaddr| { firewalld_rich_rule { "rich_rule_${ipaddr}":

请请求一些帮助

要求是创建自定义防火墙服务,然后只允许将此自定义防火墙服务用于选定的IP(此处尝试使用firewall D_rich_规则)

以下是示例代码:

class foo::fwall (
$sourceip = undef,
)
{
  include firewalld

  if $sourceip {
    $sourceip.each |String $ipaddr| {
      firewalld_rich_rule { "rich_rule_${ipaddr}":
        ensure      => enabled,
        permanent   => true,
        zone        => 'public',
        family      => ipv4,
        source      => $ipaddr,
        element     => service,
        servicename => 'bar',
        action      => accept,
      }
    }
  }

  # this is defined in firewalld class and works good
  firewalld::custom_service { 'bar':
    short       => 'bar custom service',
    description => 'custom service ports',
    ports       => [
      {
        port     => '7771',
        protocol => 'tcp',
      },
      {
        port     => '8282',
        protocol => 'tcp',
      },
      {
        port     => '8539',
        protocol => 'tcp',
      },
    ],
  }
}
当在一个节点上运行它时,使用两个ip地址(作为$sourceip的数组提供),它会导致重复声明错误

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Error while evaluating a Resource Statement, Duplicate declaration: Firewalld_rich_rule[rich_rule_2] is already declared at (file: .../dev/modules/test/manifests/fwall.pp, line: 11); cannot redeclare (file: .../dev/modules/test/manifests/fwall.pp, line: 11) (file: .../dev/modules/test/manifests/fwall.pp, line: 11, column: 7) on node server.domain
在适用于Redhat Enterprise Linux 7服务器的puppet v5.5(来自puppetlabs)中尝试

注意:尝试从Puppet文档中按照此示例定义资源,但收到无效地址错误

define puppet::binary::symlink ($binary = $title) {
  file {"/usr/bin/${binary}":
    ensure => link,
    target => "/opt/puppetlabs/bin/${binary}",
  }
}

Use the defined type for the iteration somewhere ele in your manifest file:

$binaries = ['facter', 'hiera', 'mco', 'puppet', 'puppetserver']

puppet::binary::symlink { $binaries: }
我必须将$sourceip的数据类型更改为RH Satellite的智能类参数中的array,默认情况下该参数为String。现在一切都很好

在类定义中声明类参数的数据类型是一个非常好的实践。在这种情况下这样做可能有助于卫星从一开始就把它弄对,但即使它没有,至少也会产生一条更有用的错误信息。