> 2. Do the list manipulation in puppet, like we do for firewall rules > > E.g see: > > https://github.com/openstack/tripleo-heat-templates/blob/master/puppet/services/ceilometer-api.yaml#L62 > > https://github.com/openstack/puppet-tripleo/blob/master/manifests/firewall/service_rules.pp#L32 > > This achieves the same logical result as the above, but it does the list > manipulation in the puppet profile instead of t-h-t. > > I think either approach would be fine, but I've got a slight preference for > (1) as I think it may be more reusable in a future non-puppet world, e.g > for container deployments etc where we may not always want to use puppet. > > Open to other suggestions, but would either of the above solve your > problem? I went with (2), even though iteration in Puppet is a little funky. Looking through the firewall rules implementation helped me understand how the service_config_settings stuff works. You can see the updated implementation at: - https://review.openstack.org/#/c/417509/ (puppet-tripleo) - https://review.openstack.org/#/c/411048/ (t-h-t) -- Lars Kellogg-Stedman <lars at redhat.com> | larsks @ {freenode,twitter,github} Cloud Engineering / OpenStack | http://blog.oddbit.com/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 801 bytes Desc: not available URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20170111/d22c1093/attachment.pgp>