Can puppet force a template propagation?

1
votes

I want all my puppet mannaged hosts to have a list of these hosts in a configuration file. My first idea (which might not be a good one) is to use a template file to insert the list of hosts into the good configuration file.

When a new host is configured, puppet will compute the template and the new host will get a proper configuration file.

But what about the other hosts ? The template file do not change so puppet will not want to re-propagate it. So I guess all the other hosts won't know about the new list of hosts.

The precise use case is to whitelist my hosts in /etc/ssh/sshd_config :

AllowUsers: root@host1 root@host2 ... root@newhost

The template reaches for the SQL ENC to get the list of nodes.

Any hint ?

1
puppet

1 Answers

0
votes

Puppet will re-evaluate the template every time a server performs a Puppet run, as the Puppet agent will request a new catalog. If the ENC changes its data to provide the new list of hosts then the template output will change, the clients will get a new catalog and apply the new contents of the file.

The Puppet agent often runs as a daemon, executing a run every 20 minutes. When it runs, the file will get updated.