var_ossec_etc_client.keys_${agent_ip_address}_part has the potential to not be unique #4
Description
I already hit this wall and you get a very unhelpful error message on the ossec server
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Duplicate declaration: Concat::Fragment[var_ossec_etc_client.keys_10.10.16.56_part] is already declared in file /etc/puppet/environments/prod/modules/ossec/manifests/agentkey.pp:17; cannot redeclare at /etc/puppet/environments/prod/modules/ossec/manifests/agentkey.pp:17 on node ossec-server.example.com
We reinstalled a system with the same IP but a different name and suddenly we had the dupe definition
If someone should come looking for that message the fix is to run
puppet node deactivate oldname.example.com
on the puppet master to clear out the entry in puppetdb
Looking over the Puppet docs for exported refs they recomend the following
To ensure uniqueness, every resource you export should include a substring unique to the node exporting it into its title and name/namevar. The most expedient way is to use the hostname or fqdn facts.
So unless there is some compelling reason to use agent_ip_adress it should probably be changed to agent_name.