Hi @Inderpreet, @Ayman,
My task failed for Puppet setup firewall. The question was not completely clear on its expectation, i.e., it said:
Create an inventory file code.pp under /etc/puppetlabs/code/environments/production/manifests directory on
master node i.e on Jump Server. In this inventory file you need to define nodes specific classes which are mentioned below.
Since it specified that the node-specific classes should be located in code.pp, I added them there.
And for official.pp, it did not mention what its purpose was:
Also create a puppet programming file official.pp under /etc/puppetlabs/code/environments/production/manifests directory
on puppet master node i.e on Jump Server.
So I had to assume that the node resources are to be present here.
But when I did that, the task failed stating that the classes are not defined in official.pp, but the task did not say that they should be present in official.pp. Can you guys at least confirm whether the Puppet code is correct and that the issue was that it should have been in the opposite files?
[root@jump_host manifests]# cat official.pp
node 'stapp01.stratos.xfusioncorp.com' {
  include firewall_node1
}
node 'stapp02.stratos.xfusioncorp.com' {
  include firewall_node2
}
node 'stapp03.stratos.xfusioncorp.com' {
  include firewall_node3
}
[root@jump_host manifests]# cat code.pp
class firewall_node1 {
  firewalld_rich_rule { 'Open all incoming connection for 8081/tcp port on App Server 1':
    ensure => present,
    zone   => 'public',
    log    => {
      'level'  => 'debug',
      'prefix' => 'puppetFirewallD'
    },
    port   => {
      'port'     => 8081,
      'protocol' => 'tcp'
    },
    action => 'accept',
  }
}
class firewall_node2 {
  firewalld_rich_rule { 'Open all incoming connection for 5008/tcp port on App Server 1':
    ensure => present,
    zone   => 'public',
    log    => {
      'level'  => 'debug',
      'prefix' => 'puppetFirewallD'
    },
    port   => {
      'port'     => 5008,
      'protocol' => 'tcp'
    },
    action => 'accept',
  }
}
class firewall_node3 {
  firewalld_rich_rule { 'Open all incoming connection for 8091/tcp port on App Server 3':
    ensure => present,
    zone   => 'public',
    log    => {
      'level'  => 'debug',
      'prefix' => 'puppetFirewallD'
    },
    port   => {
      'port'     => 8091,
      'protocol' => 'tcp'
    },
    action => 'accept',
  }
}
After getting the agents to pull it, I was able to confirm the firewall rules were added.
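
One way to script the confirmation step on each app server, as an added example that is not part of the original post. The function names and the sample rule line are constructed for illustration; the line assumes the usual `firewall-cmd --zone=public --list-rich-rules` output form for a rule like the ones above.

```shell
#!/usr/bin/env bash
# Added example (not from the post): check rich rules listed by
#   firewall-cmd --zone=public --list-rich-rules
# against the port each firewall_nodeN class is meant to open.

# Port per node, taken from the manifests in the post.
expected_port() {
  case "$1" in
    stapp01*) echo 8081 ;;
    stapp02*) echo 5008 ;;
    stapp03*) echo 8091 ;;
    *) return 1 ;;
  esac
}

# has_rich_rule PORT PROTO [LOG_PREFIX]
# Reads rich rules on stdin, one per line. Succeeds if a rule accepts
# PORT/PROTO and, when LOG_PREFIX is given, logs with that prefix.
has_rich_rule() {
  local port="$1" proto="$2" prefix="${3:-}" line
  while IFS= read -r line; do
    case "$line" in
      *"port port=\"$port\" protocol=\"$proto\""*) ;;
      *) continue ;;
    esac
    [ "${line##* }" = "accept" ] || continue   # action is the last token
    if [ -n "$prefix" ]; then
      case "$line" in
        *"log prefix=\"$prefix\""*) ;;
        *) continue ;;
      esac
    fi
    return 0
  done
  return 1
}

# check_node HOST: rules on stdin; succeeds if HOST's expected rule is present.
check_node() {
  local port
  port="$(expected_port "$1")" || return 2
  has_rich_rule "$port" tcp puppetFirewallD
}

# Constructed sample of what stapp01 would list after the agent run.
SAMPLE_STAPP01='rule port port="8081" protocol="tcp" log prefix="puppetFirewallD" level="debug" accept'

printf '%s\n' "$SAMPLE_STAPP01" | check_node stapp01.stratos.xfusioncorp.com \
  && echo "stapp01: expected rich rule present"
```

On a real node, pipe the live listing in instead of the sample: `firewall-cmd --zone=public --list-rich-rules | check_node "$(hostname -f)"`.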