476c8115c5
Replace deprecated dalen-puppetdbquery module with native puppetdb_query function using PQL syntax to resolve URI.escape compatibility issues. This is required to migrated to Puppet 8 (and kubernetes). Changes: - Remove dalen-puppetdbquery dependency from Puppetfile - Replace query_nodes() calls with puppetdb_query() using PQL syntax - Update 27 function calls across 18 Puppet manifests - Maintain equivalent functionality with improved compatibility Reviewed-on: #457
87 lines
2.6 KiB
Puppet
87 lines
2.6 KiB
Puppet
# profiles::dns::base
|
|
class profiles::dns::base (
|
|
Array $search = [],
|
|
Array $nameservers = ['198.18.13.12', '198.18.13.13'],
|
|
Optional[Enum[
|
|
'all',
|
|
'region',
|
|
'country'
|
|
]] $use_ns = undef,
|
|
String $primary_interface = $facts['networking']['primary'],
|
|
Optional[String] $ns_role = undef,
|
|
){
|
|
|
|
# install bind_utils
|
|
include bind::updater
|
|
|
|
# if ns_role is set, find all hosts matching that enc_role
|
|
$nameserver_array = $ns_role ? {
|
|
undef => $nameservers,
|
|
default => $use_ns ? {
|
|
'all' => puppetdb_query(
|
|
"facts[certname,value] {
|
|
name = 'networking' and
|
|
certname in nodes[certname] { facts.enc_role = '${ns_role}' }
|
|
}"
|
|
).map |$fact| { $fact['value']['ip'] },
|
|
'region' => puppetdb_query(
|
|
"facts[certname,value] {
|
|
name = 'networking' and
|
|
certname in nodes[certname] {
|
|
facts.enc_role = '${ns_role}' and facts.region = '${facts['region']}'
|
|
}
|
|
}"
|
|
).map |$fact| { $fact['value']['ip'] },
|
|
'country' => puppetdb_query(
|
|
"facts[certname,value] {
|
|
name = 'networking' and
|
|
certname in nodes[certname] {
|
|
facts.enc_role = '${ns_role}' and facts.country = '${facts['country']}'
|
|
}
|
|
}"
|
|
).map |$fact| { $fact['value']['ip'] },
|
|
}
|
|
}
|
|
|
|
# if nameservers not returned from puppetdb, use default
|
|
$use_nameservers = empty($nameserver_array) ? {
|
|
true => $nameservers,
|
|
false => $nameserver_array,
|
|
}
|
|
|
|
# if search is undef, fallback to domainname from facts
|
|
if $search == [] {
|
|
$search_array = [$::facts['networking']['domain']]
|
|
}else{
|
|
$search_array = $search
|
|
}
|
|
|
|
# include resolvconf class
|
|
class { 'profiles::dns::resolvconf':
|
|
nameservers => sort($use_nameservers),
|
|
search_domains => sort($search_array),
|
|
}
|
|
|
|
# export dns records for client
|
|
$facts['networking']['interfaces'].each | $interface, $data | {
|
|
|
|
# exclude those without ipv4 address, lo, docker0 and anycast addresses
|
|
if $data['ip'] and $interface != 'lo' and $interface != 'docker0' and $interface !~ /^anycast[0-9]$/ and $interface !~ /^cilium_/ {
|
|
|
|
# use defaults for the primary_interface
|
|
if $interface == $primary_interface {
|
|
profiles::dns::client {"${facts['networking']['fqdn']}-${interface}":
|
|
interface => $interface,
|
|
}
|
|
|
|
# update secondary interfaces
|
|
}else{
|
|
profiles::dns::client {"${facts['networking']['fqdn']}-${interface}":
|
|
interface => $interface,
|
|
hostname => "${facts['networking']['hostname']}-${interface}",
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|