diff --git a/puppet-{{cookiecutter.project_name}}/manifests/db.pp b/puppet-{{cookiecutter.project_name}}/manifests/db.pp
index bbd5460..24fc047 100644
--- a/puppet-{{cookiecutter.project_name}}/manifests/db.pp
+++ b/puppet-{{cookiecutter.project_name}}/manifests/db.pp
@@ -10,43 +10,43 @@
 #
 # [*database_connection_recycle_time*]
 #   (Optional) Timeout when db connections should be reaped.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*database_db_max_retries*]
 #   (optional) Maximum retries in case of connection error or deadlock error
 #   before error is raised. Set to -1 to specify an infinite retry count.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*database_max_retries*]
 #   (Optional) Maximum number of database connection retries during startup.
 #   Setting -1 implies an infinite retry count.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*database_retry_interval*]
 #   (Optional) Interval between retries of opening a database connection.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*database_max_pool_size*]
 #   (Optional)Maximum number of SQL connections to keep open in a pool.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*database_max_overflow*]
 #   (Optional) If set, use this value for max_overflow with sqlalchemy.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*database_pool_timeout*]
 #   (Optional) If set, use this value for pool_timeout with SQLAlchemy.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 class {{cookiecutter.project_name}}::db (
   $database_connection              = 'sqlite:////var/lib/{{cookiecutter.project_name}}/{{cookiecutter.project_name}}.sqlite',
-  $database_connection_recycle_time = $::os_service_default,
-  $database_max_pool_size           = $::os_service_default,
-  $database_db_max_retries          = $::os_service_default,
-  $database_max_retries             = $::os_service_default,
-  $database_retry_interval          = $::os_service_default,
-  $database_max_overflow            = $::os_service_default,
-  $database_pool_timeout            = $::os_service_default,
+  $database_connection_recycle_time = $facts['os_service_default'],
+  $database_max_pool_size           = $facts['os_service_default'],
+  $database_db_max_retries          = $facts['os_service_default'],
+  $database_max_retries             = $facts['os_service_default'],
+  $database_retry_interval          = $facts['os_service_default'],
+  $database_max_overflow            = $facts['os_service_default'],
+  $database_pool_timeout            = $facts['os_service_default'],
 ) {
 
   include {{cookiecutter.project_name}}::deps
diff --git a/puppet-{{cookiecutter.project_name}}/manifests/keystone/authtoken.pp b/puppet-{{cookiecutter.project_name}}/manifests/keystone/authtoken.pp
index cf0e222..d7bdf5a 100644
--- a/puppet-{{cookiecutter.project_name}}/manifests/keystone/authtoken.pp
+++ b/puppet-{{cookiecutter.project_name}}/manifests/keystone/authtoken.pp
@@ -29,17 +29,17 @@
 #
 # [*system_scope*]
 #   (Optional) Scope for system operations
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*insecure*]
 #   (Optional) If true, explicitly allow TLS without checking server cert
 #   against any certificate authorities.  WARNING: not recommended.  Use with
 #   caution.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*auth_section*]
 #   (Optional) Config Section from which to load plugin specific options
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*auth_type*]
 #   (Optional) Authentication type to load
@@ -51,26 +51,26 @@
 #
 # [*auth_version*]
 #   (Optional) API version of the admin Identity API endpoint.
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*cache*]
 #   (Optional) Env key for the swift cache.
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*cafile*]
 #   (Optional) A PEM encoded Certificate Authority to use when verifying HTTPs
 #   connections.
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*certfile*]
 #   (Optional) Required if identity server requires client certificate
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*delay_auth_decision*]
 #   (Optional) Do not handle authorization requests within the middleware, but
 #   delegate the authorization decision to downstream WSGI components. Boolean
 #   value
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*enforce_token_bind*]
 #   (Optional) Used to control the use and type of token binding. Can be set
@@ -80,57 +80,57 @@
 #   type is unknown the token will be rejected. "required" any form of token
 #   binding is needed to be allowed. Finally the name of a binding method that
 #   must be present in tokens. String value.
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*http_connect_timeout*]
 #   (Optional) Request timeout value for communicating with Identity API
 #   server.
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*http_request_max_retries*]
 #   (Optional) How many times are we trying to reconnect when communicating
 #   with Identity API Server. Integer value
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*include_service_catalog*]
 #   (Optional) Indicate whether to set the X-Service-Catalog header. If False,
 #   middleware will not ask for service catalog on token validation and will
 #   not set the X-Service-Catalog header. Boolean value.
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*keyfile*]
 #   (Optional) Required if identity server requires client certificate
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*memcache_pool_conn_get_timeout*]
 #   (Optional) Number of seconds that an operation will wait to get a memcached
 #   client connection from the pool. Integer value
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*memcache_pool_dead_retry*]
 #   (Optional) Number of seconds memcached server is considered dead before it
 #   is tried again. Integer value
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*memcache_pool_maxsize*]
 #   (Optional) Maximum total number of open connections to every memcached
 #   server. Integer value
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*memcache_pool_socket_timeout*]
 #   (Optional) Number of seconds a connection to memcached is held unused in
 #   the pool before it is closed. Integer value
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*memcache_pool_unused_timeout*]
 #   (Optional) Number of seconds a connection to memcached is held unused in
 #   the pool before it is closed. Integer value
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*memcache_secret_key*]
 #   (Optional, mandatory if memcache_security_strategy is defined) This string
 #   is used for key derivation.
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*memcache_security_strategy*]
 #   (Optional) If defined, indicate whether token data should be authenticated
@@ -138,17 +138,17 @@
 #   HMAC) in the cache. If ENCRYPT, token data is encrypted and authenticated in the
 #   cache. If the value is not one of these options or empty, auth_token will
 #   raise an exception on initialization.
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*memcache_use_advanced_pool*]
 #   (Optional)  Use the advanced (eventlet safe) memcached client pool. The
 #   advanced pool will only work under python 2.x Boolean value
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*memcached_servers*]
 #   (Optional) Optionally specify a list of memcached server(s) to use for
 #   caching. If left undefined, tokens will instead be cached in-process.
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*manage_memcache_package*]
 #  (Optional) Whether to install the python-memcache package.
@@ -156,13 +156,13 @@
 #
 # [*region_name*]
 #   (Optional) The region in which the identity server can be found.
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*token_cache_time*]
 #   (Optional) In order to prevent excessive effort spent validating tokens,
 #   the middleware caches previously-seen tokens for a configurable duration
 #   (in seconds). Set to -1 to disable caching completely. Integer value
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*service_token_roles*]
 #   (Optional) A choice of roles that must be present in a service token.
@@ -172,24 +172,24 @@
 #   here are applied as an ANY check so any role in this list
 #   must be present. For backwards compatibility reasons this
 #   currently only affects the allow_expired check. (list value)
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*service_token_roles_required*]
 #   (Optional) For backwards compatibility reasons we must let
 #   valid service tokens pass that don't pass the service_token_roles
 #   check as valid. Setting this true will become the default in
 #   a future release and should be enabled if possible.
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*service_type*]
 #  (Optional) The name or type of the service as it appears in the service
 #  catalog. This is used to validate tokens that have restricted access rules.
-#  Defaults to $::os_service_default.
+#  Defaults to $facts['os_service_default'].
 #
 # [*interface*]
 #  (Optional) Interface to use for the Identity API endpoint. Valid values are
 #  "public", "internal" or "admin".
-#  Defaults to $::os_service_default.
+#  Defaults to $facts['os_service_default'].
 #
 class {{cookiecutter.project_name}}::keystone::authtoken(
   $password,
@@ -198,37 +198,37 @@ class {{cookiecutter.project_name}}::keystone::authtoken(
   $project_name                   = 'services',
   $user_domain_name               = 'Default',
   $project_domain_name            = 'Default',
-  $system_scope                   = $::os_service_default,
-  $insecure                       = $::os_service_default,
-  $auth_section                   = $::os_service_default,
+  $system_scope                   = $facts['os_service_default'],
+  $insecure                       = $facts['os_service_default'],
+  $auth_section                   = $facts['os_service_default'],
   $auth_type                      = 'password',
   $www_authenticate_uri           = 'http://localhost:5000',
-  $auth_version                   = $::os_service_default,
-  $cache                          = $::os_service_default,
-  $cafile                         = $::os_service_default,
-  $certfile                       = $::os_service_default,
-  $delay_auth_decision            = $::os_service_default,
-  $enforce_token_bind             = $::os_service_default,
-  $http_connect_timeout           = $::os_service_default,
-  $http_request_max_retries       = $::os_service_default,
-  $include_service_catalog        = $::os_service_default,
-  $keyfile                        = $::os_service_default,
-  $memcache_pool_conn_get_timeout = $::os_service_default,
-  $memcache_pool_dead_retry       = $::os_service_default,
-  $memcache_pool_maxsize          = $::os_service_default,
-  $memcache_pool_socket_timeout   = $::os_service_default,
-  $memcache_pool_unused_timeout   = $::os_service_default,
-  $memcache_secret_key            = $::os_service_default,
-  $memcache_security_strategy     = $::os_service_default,
-  $memcache_use_advanced_pool     = $::os_service_default,
-  $memcached_servers              = $::os_service_default,
+  $auth_version                   = $facts['os_service_default'],
+  $cache                          = $facts['os_service_default'],
+  $cafile                         = $facts['os_service_default'],
+  $certfile                       = $facts['os_service_default'],
+  $delay_auth_decision            = $facts['os_service_default'],
+  $enforce_token_bind             = $facts['os_service_default'],
+  $http_connect_timeout           = $facts['os_service_default'],
+  $http_request_max_retries       = $facts['os_service_default'],
+  $include_service_catalog        = $facts['os_service_default'],
+  $keyfile                        = $facts['os_service_default'],
+  $memcache_pool_conn_get_timeout = $facts['os_service_default'],
+  $memcache_pool_dead_retry       = $facts['os_service_default'],
+  $memcache_pool_maxsize          = $facts['os_service_default'],
+  $memcache_pool_socket_timeout   = $facts['os_service_default'],
+  $memcache_pool_unused_timeout   = $facts['os_service_default'],
+  $memcache_secret_key            = $facts['os_service_default'],
+  $memcache_security_strategy     = $facts['os_service_default'],
+  $memcache_use_advanced_pool     = $facts['os_service_default'],
+  $memcached_servers              = $facts['os_service_default'],
   $manage_memcache_package        = false,
-  $region_name                    = $::os_service_default,
-  $token_cache_time               = $::os_service_default,
-  $service_token_roles            = $::os_service_default,
-  $service_token_roles_required   = $::os_service_default,
-  $service_type                   = $::os_service_default,
-  $interface                      = $::os_service_default,
+  $region_name                    = $facts['os_service_default'],
+  $token_cache_time               = $facts['os_service_default'],
+  $service_token_roles            = $facts['os_service_default'],
+  $service_token_roles_required   = $facts['os_service_default'],
+  $service_type                   = $facts['os_service_default'],
+  $interface                      = $facts['os_service_default'],
 ) {
 
   include {{cookiecutter.project_name}}::deps
diff --git a/puppet-{{cookiecutter.project_name}}/manifests/logging.pp b/puppet-{{cookiecutter.project_name}}/manifests/logging.pp
index 52ad542..e139932 100644
--- a/puppet-{{cookiecutter.project_name}}/manifests/logging.pp
+++ b/puppet-{{cookiecutter.project_name}}/manifests/logging.pp
@@ -6,27 +6,27 @@
 #
 # [*debug*]
 #   (Optional) Should the daemons log debug messages
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*use_syslog*]
 #   (Optional) Use syslog for logging.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*use_json*]
 #   (Optional) Use json for logging.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*use_journal*]
 #   (Optional) Use journal for logging.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*use_stderr*]
 #   (Optional) Use stderr for logging
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*syslog_log_facility*]
 #   (Optional) Syslog facility to receive log lines.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*log_dir*]
 #   (Optional) Directory where logs should be stored.
@@ -39,38 +39,38 @@
 #
 # [*watch_log_file*]
 #   (Optional) Uses logging handler designed to watch file system (boolean value).
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*logging_context_format_string*]
 #   (Optional) Format string to use for log messages with context.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #   Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\
 #              [%(request_id)s %(user_identity)s] %(instance)s%(message)s'
 #
 # [*logging_default_format_string*]
 #   (Optional) Format string to use for log messages without context.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #   Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\
 #              [-] %(instance)s%(message)s'
 #
 # [*logging_debug_format_suffix*]
 #   (Optional) Formatted data to append to log format when level is DEBUG.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #   Example: '%(funcName)s %(pathname)s:%(lineno)d'
 #
 # [*logging_exception_prefix*]
 #   (Optional) Prefix each line of exception output with this format.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #   Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s'
 #
 # [*log_config_append*]
 #   (Optional) The name of an additional logging configuration file.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #   See https://docs.python.org/2/howto/logging.html
 #
 # [*default_log_levels*]
 #   (Optional) Hash of logger (keys) and level (values) pairs.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #   Example:
 #     { 'amqp'  => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN',
 #          'sqlalchemy' => 'WARN', 'suds' => 'INFO',
@@ -82,11 +82,11 @@
 #
 # [*publish_errors*]
 #   (Optional) Publish error events (boolean value).
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*fatal_deprecations*]
 #   (Optional) Make deprecations fatal (boolean value)
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*instance_format*]
 #   (optional) If an instance is passed with the log message, format it
@@ -97,35 +97,35 @@
 #  [*instance_uuid_format*]
 #    (Optional) If an instance UUID is passed with the log message, format
 #               it like this (string value).
-#    Defaults to $::os_service_default
+#    Defaults to $facts['os_service_default']
 #    Example: instance_uuid_format='[instance: %(uuid)s] '
 #
 # [*log_date_format*]
 #   (Optional) Format string for %%(asctime)s in log records.
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #   Example: 'Y-%m-%d %H:%M:%S'
 #
 class {{cookiecutter.project_name}}::logging(
-  $use_syslog                    = $::os_service_default,
-  $use_json                      = $::os_service_default,
-  $use_journal                   = $::os_service_default,
-  $use_stderr                    = $::os_service_default,
-  $syslog_log_facility           = $::os_service_default,
+  $use_syslog                    = $facts['os_service_default'],
+  $use_json                      = $facts['os_service_default'],
+  $use_journal                   = $facts['os_service_default'],
+  $use_stderr                    = $facts['os_service_default'],
+  $syslog_log_facility           = $facts['os_service_default'],
   $log_dir                       = '/var/log/{{cookiecutter.project_name}}',
   $log_file                      = '/var/log/{{cookiecutter.project_name}}/{{cookiecutter.project_name}}.log',
-  $watch_log_file                = $::os_service_default,
-  $debug                         = $::os_service_default,
-  $logging_context_format_string = $::os_service_default,
-  $logging_default_format_string = $::os_service_default,
-  $logging_debug_format_suffix   = $::os_service_default,
-  $logging_exception_prefix      = $::os_service_default,
-  $log_config_append             = $::os_service_default,
-  $default_log_levels            = $::os_service_default,
-  $publish_errors                = $::os_service_default,
-  $fatal_deprecations            = $::os_service_default,
-  $instance_format               = $::os_service_default,
-  $instance_uuid_format          = $::os_service_default,
-  $log_date_format               = $::os_service_default,
+  $watch_log_file                = $facts['os_service_default'],
+  $debug                         = $facts['os_service_default'],
+  $logging_context_format_string = $facts['os_service_default'],
+  $logging_default_format_string = $facts['os_service_default'],
+  $logging_debug_format_suffix   = $facts['os_service_default'],
+  $logging_exception_prefix      = $facts['os_service_default'],
+  $log_config_append             = $facts['os_service_default'],
+  $default_log_levels            = $facts['os_service_default'],
+  $publish_errors                = $facts['os_service_default'],
+  $fatal_deprecations            = $facts['os_service_default'],
+  $instance_format               = $facts['os_service_default'],
+  $instance_uuid_format          = $facts['os_service_default'],
+  $log_date_format               = $facts['os_service_default'],
 ) {
 
   include {{cookiecutter.project_name}}::deps
diff --git a/puppet-{{cookiecutter.project_name}}/manifests/params.pp b/puppet-{{cookiecutter.project_name}}/manifests/params.pp
index 03f1860..7f76694 100644
--- a/puppet-{{cookiecutter.project_name}}/manifests/params.pp
+++ b/puppet-{{cookiecutter.project_name}}/manifests/params.pp
@@ -9,15 +9,14 @@ class {{cookiecutter.project_name}}::params {
 
   $group = '{{cookiecutter.project_name}}'
 
-  case $::osfamily {
+  case $facts['os']['family'] {
     'RedHat': {
     }
     'Debian': {
     }
     default: {
-      fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, \
-module ${module_name} only support osfamily RedHat and Debian")
+      fail("Unsupported osfamily: ${facts['os']['family']}")
     }
 
-  } # Case $::osfamily
+  } # Case $facts['os']['family']
 }
diff --git a/puppet-{{cookiecutter.project_name}}/manifests/policy.pp b/puppet-{{cookiecutter.project_name}}/manifests/policy.pp
index f99d372..5263719 100644
--- a/puppet-{{cookiecutter.project_name}}/manifests/policy.pp
+++ b/puppet-{{cookiecutter.project_name}}/manifests/policy.pp
@@ -6,12 +6,12 @@
 #
 # [*enforce_scope*]
 #  (Optional) Whether or not to enforce scope when evaluating policies.
-#  Defaults to $::os_service_default.
+#  Defaults to $facts['os_service_default'].
 #
 # [*enforce_new_defaults*]
 #  (Optional) Whether or not to use old deprecated defaults when evaluating
 #  policies.
-#  Defaults to $::os_service_default.
+#  Defaults to $facts['os_service_default'].
 #
 # [*policies*]
 #   (Optional) Set of policies to configure for {{cookiecutter.project_name}}
@@ -34,11 +34,11 @@
 #
 # [*policy_default_rule*]
 #   (Optional) Default rule. Enforced when a requested rule is not found.
-#   Defaults to $::os_service_default.
+#   Defaults to $facts['os_service_default'].
 #
 # [*policy_dirs*]
 #   (Optional) Path to the {{cookiecutter.project_name}} policy folder
-#   Defaults to $::os_service_default
+#   Defaults to $facts['os_service_default']
 #
 # [*purge_config*]
 #   (optional) Whether to set only the specified policy rules in the policy
@@ -46,12 +46,12 @@
 #    Defaults to false.
 #
 class {{cookiecutter.project_name}}::policy (
-  $enforce_scope        = $::os_service_default,
-  $enforce_new_defaults = $::os_service_default,
+  $enforce_scope        = $facts['os_service_default'],
+  $enforce_new_defaults = $facts['os_service_default'],
   $policies             = {},
   $policy_path          = '/etc/{{cookiecutter.project_name}}/policy.yaml',
-  $policy_default_rule  = $::os_service_default,
-  $policy_dirs          = $::os_service_default,
+  $policy_default_rule  = $facts['os_service_default'],
+  $policy_dirs          = $facts['os_service_default'],
   $purge_config         = false,
 ) {