Overview

It's not uncommon to need to synchronize some data into puppet from another authoritative source. That may be a list of users, SSH keys, machine characteristics, etc.

PuppetAgain supports these through the extsync system. The idea is that data is periodically pulled from external sources by the distinguished puppetmaster, processed as needed, and then written into hiera data files. Those files are synchronize to other masters in the organization along with the hiera secrets files. Then the data is available using normal hiera functions.

Since each organization will have different needs for synchronization, the system is highly configurable. First, each kind of synchronization is a different "extsync" with its own name. For example, `ldap_users` or `masters_json`. Each extsync also takes arbitrary named parameters to customize it to the needs of the organization. These are all customized in the organization configuration. For example:

   $puppetmaster_extsyncs = {
       ldap_users => {
           server => "some-server",
           username => "..", ..
       },
       masters_json => {
           masters_json_url => "..",
       },
   }

This will activate only those two extsyncs in this organization, passing them the appropriate configuration parameters. The data that the ldap_users extsync produces will be placed in /etc/hiera/ldap_users.eyaml.

The following describe the existing extsyncs:

Fake

This doesn't do anything.