On Thursday, June 26, 2014 9:25:44 AM UTC-5, Cristian Falcas wrote: > > Hello, > > I'm trying to make a new provider for the firewall type ( for amazon > security groups ). > > But I'm trying to use both providers inside the catalog: some rules I need > for iptables only (for ex. nat rules), others for the security groups only. > I'm differentiating between the rules with a special tag. > > In my code I have this rule to change the provider: > > Firewall <| tag != 'iptables' |> { > provider => 'aws_securitygroup', > line => 'test', > action => 'accept', > } > > Much to my surprise, both providers are executed for each firewall rule: > so i have a security rule added and an iptables rule. > > I like this very much, because at first I thought that only the amazon > rules will be executed. > > My question is: is this the expected behavior? Or it's some kind of bug I > stumbled upon? >
The expected behavior is that each resource instance be served by exactly one provider (or fail if there are no suitable providers). It is possible, though, that your aws_securitygroup provider's implementation somehow causes the iptables provider also to run for resources to which the aws_securitygroup provider is assigned. I rate that more likely, but... It is also conceivable that a bug has crept in to Puppet in the area of selecting providers where there are multiple suitable ones for a given resource. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f0e2860b-bb5c-4b49-8a92-1cb5de85da61%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.