Replacing exported resources with puppetdb queries

Updated . Posted . Visible to the public.

Instead of using Puppet exported resources Show archive.org snapshot you can use the puppetdb_query Show archive.org snapshot feature.

This can result in more complex code but has several benefits:

  • you can use more complex puppetdb queries to get the resources you want than with the limited filtering options of exported resources
  • because you receive a data object of the resources you can only use a part of the information contained
  • you can use information received from a resource type to create a different resource without creating wrapper defined types
  • you can omit duplicate resource issues without creating wrapper defined types
    • explanation: If you export the same resource from multiple nodes you will hit a duplicate declaration issue. Usually you will create a wrapper defined type which contains for example the node name in the title. The wrapper resource contains an ensure_resource with the resource you really want to manage

Example

One example is used by us in environments::railscomplete::dbcollector:

  $vhost_types = ['\'Environments::Elixir::Vhost\'',
                  '\'Environments::Rails::Vhost\'',
                  '\'Environments::Php::Vhost\'',
                  '\'Environments::Python::Vhost\'',
                  ]

  $vhosts = puppetdb_query("resources {type in ${vhost_types} and parameters.dbbackend = '${dbbackend}'}")

  $vhosts.each |$vhost| {
    ensure_resource('environments::railscomplete::db', $vhost['parameters']['dbuser'], {
      'password'   => $vhost['parameters']['dbpassword'],
      'type'       => $type,
      'extensions' => $vhost['parameters']['dbextensions'],
      'schemas'    => $vhost['parameters']['dbschemas'],
      'charset'    => $vhost['parameters']['dbencoding'],
      'collate'    => $vhost['parameters']['dbcollate'],
      'host'       => $host,
    })
  }

Instead of exporting a environments::railscomplete::db resource on the application servers we just collectd all the vhosts with a specific dbbackend. A vhost can be configured on multiple servers. If we've used exported resources the environments::railscomplete::db resource type would not contain the resources it contains now but would be a wrapper using an additional resource type utilizing ensure_resources. This is more complex than just fetching the information straight out of the PuppetDB and applying it with .each.

Prefer exported resources or puppetdb query?

This highly depends on the scenario. Usually you should use exported resources because it's the more simple solution. But building wrapper resources and understanding them can be more complex than just using a puppetdb_query.

Claus-Theodor Riegg
Last edit
Marc Dierig
License
Source code in this card is licensed under the MIT License.