Quantcast
Channel: Ask Puppet: Puppet DevOps Q&A Community - RSS feed
Viewing all 257 articles
Browse latest View live

Understanding Hiera settings and like it's working

June 14, 2016, 5:49 am
$
0
0
Hello, I've recently found a structure of puppet ready and functional using hiera, but I don't know like it's working. my hiera settings: /etc/puppetlabs/code/hiera.yaml 
:backends:
  - yaml
:yaml:
  :datadir: "/etc/puppetlabs/code/environments/%{environment}/hieradata"
:hierarchy:
  - "hostname/%{city}/%{trusted.certname}"
  - "profiles/%{::location}/%{::service}/%{::profileserver}"
  - "profiles/%{::location}/default"
  - "city/%{city}"
  - "virtual_%{is_virtual}/%{virtual}"
  - "os/%{kernel}/%{osfamily}"
  - "os/%{kernel}/default"

#:merge_behavior: deeper
/etc/puppetlabs/code/environments/production/manifests/site.pp 
$city          = define_server($trusted['certname'],'city')
$location      = define_server($trusted['certname'],'location')
$service       = define_server($trusted['certname'],'service')
$profileserver = define_server($trusted['certname'],'profile')
an example of settings in hiera hierarchy /etc/puppetlabs/code/environments/production/hieradata/profiles/aa/puppetmaster/master.yaml 
---
######################################
#####     puppet-agent             ###
######################################
puppet_agent::master: true
puppet_agent::vardir: '/opt/puppetlabs/server/data/puppetserver'
#puppet_agent::logdir: '/var/log/puppetlabs/puppetserver'
puppet_agent::rundir: '/var/run/puppetlabs/puppetserver'
puppet_agent::pidfile: '/var/run/puppetlabs/puppetserver/puppetserver.pid'
puppet_agent::codedir: '/etc/puppetlabs/code'
puppet_agent::storeconfigs: true
puppet_agent::storeconfigs_backend: 'puppetdb'
puppet_agent::reports: 'puppetdb'
The question is, how the puppet knows what are the profiles, services and cities of the servers? I've already looked on facts of the agents but don't found this variable! thanks.
Search

Hiera hash or array error

June 14, 2016, 11:08 am
$
0
0
I developed an AWS S3 bakcup modul, but after the latest modify, puppet client not running (for run I using a following command: puppet agent --no-daemonize --debug --onetime). My hiera.yaml: --- :backends: - yaml :yaml: :datadir: /etc/puppet/hieradata :hierarchy: - "%{hostname}" - "%{domain}" - common :merge_behavior: deeper Common.yaml awsbackupdetails: aws-region: "XYZ" aws-bucket-name: XYZ aws-access-key-id: "XYZ" aws-secret-acces-key: "XYZ" gpgkey: XYZ gpgpass: "XYZ" xyz.hostname.lan.yaml awss3backup: zurveysql: backuptype: database backuptypeselect: all backupdescription: "" /etc/puppet/manifests/servergroups/server.pp if(hiera('awss3backup')){ include backupaws $awsbackupdetails = hiera('awsbackupdetails') class { 'backupaws::credentials': aws_region => $awsbackupdetails['aws-region'], aws_bucket_name => $awsbackupdetails['aws-bucket-name'], aws_access_key_id => $awsbackupdetails['aws-access-key-id'], aws_secret_acces_key => $awsbackupdetails['aws-secret-acces-key']; 'backupaws::gnupg': gpgkey => $awsbackupdetails['gpgkey'], gpgpass => $awsbackupdetails['gpgpass']; } $awss3backup = hiera('awss3backup') create_resources('backupaws::duply', $awss3backup) } /etc/puppet/modules/backupaws/manifests/duply.pp (detail): $var = $awsbackupdetails['aws-bucket-name'] exec { "${name}_AWS_S3_Initialization": refreshonly => true, cwd => "/root/.duply/${hostname}-${name}/", command => "aws s3 cp .backupdetails.txt s3://${var}/${$hostname}/${name}/backupdetails.txt", path => '/usr/local/bin/'; } I gave a following error in puppet client: Error: Could not retrieve catalog from remote server: Error 400 on SERVER: awsbackupdetails is not a hash or array when accessing it with aws-bucket-name at /etc/puppet/modules/backupaws/manifests/duply.pp:30 on node ntc-hun-zurveydb01.dhq.neticle.net Any idea ? Thank you!

hiera lookup failure

June 19, 2016, 9:42 pm
$
0
0
Given this /etc/puppetlabs/code/hiera.yaml --- :backends: - json :hierarchy: - "%{hostname}.%{nt_environment}.%{nt_location}" - "%{nt_type}.%{nt_environment}.%{nt_location}" - "%{nt_type}.%{nt_environment}" - "%{nt_environment}.%{nt_location}" - "%{nt_environment}" - "%{nt_location}" - world - default :logger: console # debug :json: :datadir: '/etc/puppetlabs/code/environments/%{::environment}/hieradata' # this is the default anyway and there exists /etc/puppetlabs/code/environments/prod/hieradata/sac.json, this "puppet lookup --debug icinga_servers --environment prod" produces Debug: hiera(): Looking for data source puppetmaster.ops Debug: hiera(): Looking for data source ops.sac Debug: hiera(): Looking for data source ops Debug: hiera(): Looking for data source sac Debug: hiera(): Looking for data source world Debug: hiera(): Looking for data source default (& lots more of course).
Why can't it find the /etc/puppetlabs/code/environments/prod/hieradata/sac.json file which contains the key I'm looking for ?
Puppet server 2.4

Hiera with masterless Puppet - how to extract data from available facts?

June 22, 2016, 3:15 am
$
0
0
I'd need to infer some information from available facts, e.g. given a hostname like `dev-london1-server0`, available as fact to hiera, I would like to extract the environment (`dev`), the datacenter (`london1`) and optionally the server name (`server0`), so that I can use them to instruct hiera how to navigate the hierarchy. For example I'd like an hierarchy like this: hieradata/dev/london1/common.yaml hieradata/dev/london1/dev-london1-server0.yaml hieradata/dev/london1/dev-london1-server1.yaml hieradata/dev/london2/common.yaml ... with a hiera.yaml like this: --- :backends: - yaml :yaml: :datadir: ./hieradata :hierarchy: - "%{env}/%{datacenter}/%{::fqdn}" - "%{env}/%{datacenter}/common" - "virtual/%{::virtual}" - "osfamily/%{osfamily}" - common My idea is to extract %{env} and %{datacenter} from the local `::hostname` provided by facter (e.g. `dev-london1-server0`). Is there a way to do this? What alternative solution could be applied? As mentioned, this is a masterless structure. Thanks.

Hiera variables help

June 28, 2016, 2:10 pm
$
0
0
can someone help me with including hiera variables where I donot have to repeat the "%{hiera('')}" and class:: every time file1.yaml class::param1: "valuees1" class::param2: "%{hiera('class::param1')}a" class::param3: "%{hiera('class::param1')}b" file2.yaml class2::param1: "valuees1" class2::param2: "%{hiera('class2::param1')}a" class2::param3: "%{hiera('class::param1')}b"

Access hiera array element in erb template

June 29, 2016, 6:10 pm
$
0
0
So, I have check_command check_nrpe!check_ntp_drift!<%= env['ntpservers'][0] %> in a template .erb file.
This gives the error Function Call, Failed to parse template icinga/etc/icinga/COLLECT/icinga/base.cfg.erb: Filepath: /etc/puppetlabs/code/environments/prod/modules/icinga/templates/etc/icinga/COLLECT/icinga/base.cfg.erb Line: 50 Detail: undefined local variable or method `env' for # during a puppet agent run.
'env' is defined in site.pp $env = hiera_hash(env) Can anyone provide the correct syntax please (this is on puppet 4, ported from working puppet 3 if that helps)

Thanks
Chris

@Lupin: y, funnily enough I just tried that (randomly) and it worked.
My prob is I'm new to puppet and know zero about Ruby. I'm not clear on the different syntax's of each lang and eg whether/when to differentiate between hash, array, element of hash/array and what syntax to use in each case.

I guess this is 'Solved' :)

PS: If you're good with hiera, can you take a look at https://ask.puppet.com/question/26713/hiera-lookup-failure/ ?

Hiera interpolation

June 28, 2016, 8:16 am
$
0
0
Hi. I have a hiera hash like this: profiles::microservices::filesystems: rootvg: physical_volumes: - /dev/sda2 logical_volumes: service_bin: size: 1G mountpath: /apps/lvservices fs_type : xfs service_log: size: 1G mountpath: /apps/lvservices/logs what i want to do is lookup the values of all mountpath keys in the array and do something with them. My question is how on earth do i lookup those keys in my puppet class? (is that even possible?)

Catalog applies after restarting puppetserver service only

June 30, 2016, 12:12 am
$
0
0
Hello! I recently configured a new puppet 4.5.2 environment in my company. I connected an hiera using couchdb to manage my hierarchy. Now, when im running 'puppet agent -t' in any node (even in the master) the catalog doesn't apply and getting changes from the DB if there are any. When im using 'systemctl restart puppetserver' the changes applies . What could be the problem? I have seen the PUP-4461 issue and made sure that it isn't my problem. In addition, i have another critical problem : my 'puppetserver' service is taking 100% cpu when im starting it, and takes about 40 seconds to restart. Max-active-instances: 1 Xms4g Xmx4g. I have 2 CPU and 6GB RAM. Thanks !!
Search

iteration and repetition through hiera hashes in puppet 2016.1

July 8, 2016, 8:34 am
$
0
0
HI All i've defined a hash like so: ms::group: msmdxgrp: gid: 1203 and i'm trying to create a generic profiles which will create a unix group from that. i'm trying to prize myself away from create_resources by doing this: class profiles::groups ( $groups_to_create, ) { $groups_to_create.each |String $group| { group { $group: * => $group } } } so should that work? it doesn't at the moment as i get this: Error 400 on SERVER: Syntax error at '=>' at /etc/puppetlabs/code/environments/tibcotommy/site/profiles/manifests/groups.pp:10:7 it's really because I'm refactoring everything for puppet 2016.1 and I'm led to believe that create\_resources is old skool and will probably become defunct. I've read reams and reams of documentation and examples of iteration but admittedly i can't find anything definitive for iterating through a hash with a method other than create\_resources.

hiera_hash Cannot reassign variable '$network' in site.pp

July 10, 2016, 9:24 pm
$
0
0
site.pp $mysql = hiera_hash(mysql) $network = hiera_hash(network) $nfs = hiera_hash(nfs) default.json "mysql" : {}, "network" : {}, "nfs" : {}, This gives Cannot reassign variable '$network' at /etc/puppetlabs/code/environments/prod/manifests/site.pp Removing 'network' entry from default.json gives Could not find data item network in any Hiera data file and no default supplied at /etc/puppetlabs/code/environments/prod/manifests/site.pp Can anybody explain what's going on ?

Chris
Hiera v3.2, Puppet master 4 (2.4)

Well I did search for it, but all I got was grep -r network manifests/ manifests/site.pp:$network = hiera_hash(network) and grep -r \$network modules/ modules/network/manifests/classes/tagging/configuration.pp: if $network['vlan'] { modules/network/manifests/classes/tagging/configuration.pp: tagged_vlan { $network['vlan']: } which leads to define tagged_vlan() { file { "/etc/sysconfig/network-scripts/ifcfg-bond0.${name}": ensure => file, content => template('network/etc/sysconfig/network-scripts/ifcfg-bond0.erb') } file { "/etc/sysconfig/network-scripts/ifcfg-bridge0.${name}": ensure => file, content => template('network/etc/sysconfig/network-scripts/ifcfg-bridge0.erb') } ifcfg-eth-vlan{ "eth0.${name}": vlan => $name, interface => "eth0", } ifcfg-eth-vlan{ "eth1.${name}": vlan => $name, interface => "eth1", } }

Some questions about r10k with hiera

July 16, 2016, 6:33 am
$
0
0
Hi all! I newbie in use puppet + hiera + r10k and i have some questions: 1) *Double declarations*. For example, i have 2 hiera files: **puppet.local.yaml** and **common.yaml** . In both i write classes: - ntp and, as expected, i get an error Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Evaluation Error: Error while evaluating a Resource Statement, Duplicate declaration: Class[Ntp] is already declared; cannot redeclare at /etc/puppetlabs/code/environments/production/site/profile/manifests/base.pp:2 at /etc/puppetlabs/code/environments/production/site/profile/manifests/base.pp:2:3 on node puppetdb.local So, i can trace and rectify this 2 files, then clear all double declarations, but what can i do, if this files - 1000 and many more? 2) *R10k modules dependings*. How to install modules dependings with r10k & Puppetfile? For example, i want to install puppetdb and i write my Puppetfile for r10k: mod 'puppetlabs/puppetdb', :latest But it does not install any dep's Warning: Missing dependency 'puppetlabs-firewall': 'puppetlabs-puppetdb' (v5.1.2) requires 'puppetlabs-firewall' (>= 1.1.3 <2.0.0) Warning: Missing dependency 'puppetlabs-inifile': 'puppetlabs-puppetdb' (v5.1.2) requires 'puppetlabs-inifile' (>= 1.1.3 <2.0.0) Warning: Missing dependency 'puppetlabs-postgresql': 'puppetlabs-puppetdb' (v5.1.2) requires 'puppetlabs-postgresql' (>= 4.0.0 <5.0.0) and i dont know what it's needed. So, i can somehow say to him, what he must install puppetdb **and all dependency**?

How to call hiera in a class definition?

July 17, 2016, 4:40 am
$
0
0
I am facing an issue in calling a hiera key with in a class.. I am playing with hiera to learn how it works and so the idea is to create set of users and groups. My class looks like the following. class musers ( $users = hiera("in_users", $groups = hiera("in_groups")) { create_resources(user, $users) create_resources(group, $groups) } where in_users and in_groups are the key holding the value and my hiera data looks like the following. --- in_users: user1: ensure: present home: /home/in/user1 managehome: true shell: /bin/bash uid: 10001 gid: 10001 password: $1$bM0KFO/z$usCU/t3/NiaL2YBRkoSTM. user2: ensure: present home: /home/in/user2 managehome: true shell: /bin/bash uid: 10002 gid: 10002 password: $1$bM0KFO/z$usCU/t3/NiaL2YBRkoSTM. in_groups: graphics: ensure: present gid: 601 hardwares: ensure: present gid: 602 coreadmin: ensure: present gid: 603 Issue:- I have assigned the musers class to the agent via PE Console and did 'puppet agent --test' and it is giving out the following error. [root@agent1 ~]# puppet agent --test Info: Using configured environment 'production' Info: Retrieving pluginfacts Info: Retrieving plugin Info: Loading facts Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Syntax error at '{' at /etc/puppetlabs/code/environments/production/modules/musers/manifests/init.pp:4:1 on node agent Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run

iterate through consul items in hiera

July 21, 2016, 10:48 am
$
0
0
I have the consul backend as follows: application/ESC/DeploymentDemo/ESC-DeploymentDemo-trunk/web/database_model The hierarchy in the database_model should be something as follows: application/ESC/DeploymentDemo/ESC-DeploymentDemo-trunk/web/database_model/Oracle/resource_name etc., Say for DB2, it is as follows: application/ESC/DeploymentDemo/ESC-DeploymentDemo-trunk/web/database_model/DB2/resource_name etc., Question: I need to create a ***tomcat::config::context::resource*** with each of the datasources. How do i iterate through the hiera elements and create a Resource tag for each datasource? I tried something like this and it didn't even get called: Not sure what the problem is: I am using ***puppet 4.5.2***, Any help is much appreciated. $consul_db_model = hiera('database_model',[]) $consul_db_model.each |String $item| { tomcat::config::context::resource { 'jdbc' : resource_name => $item.resource_name, resource_type => $item.resource_type, additional_attributes => { auth => $item.auth, maxActive => $item.maxActive, maxIdle => $item.maxIdle, minIdle => $item.minIdle, maxWait => $item.maxWait, username => $item.username, password => $item.password, driverClassName => $item.driverClassName, url => $item.url, }, } } database_model datasource_name1 resource_name resource_type auth maxActive maxIdle minIdle maxWait username password driverClassName url urls_database_driver_jars datasource_name2 resource_name resource_type auth maxActive maxIdle minIdle maxWait username password driverClassName url urls_database_driver_jars

hiera lookups in hiera

July 22, 2016, 4:25 am
$
0
0
Hello all. I have this defined in one hiera file: application::user: someusername: uid: 3428 managehome: true comment: Application User shell: /bin/bash gid: 1203 and in another hiera file i have this: apache::vhosts : user-vhost: docroot: docroot_owner: log_level: debug ip_based: true The question is (and i don't know whether it's possible) can i get the "someusername" value and use it in the docroot_owner bit? i've tried: docroot_owner: "%{hiera('application::user[$title]')}" but that doesn't work. any other ideas? is this even possible? I'm on 2016.1 Thanks!

regex in hiera lookup

July 22, 2016, 12:49 pm
$
0
0
Can we use regex in hiera lookup? I want to get the data from the hiera lookup which looks like this: db_model = hiera('database_model/datasource1',[]) db_model = hiera('database_model/datasource2',[]) etc., Just that I shouldn't hard code datasource1 or 2 but get whatever is available. Also, does hiera lookup work with .each iteration loop for values inside a folder or does it work only for a static field like /database_model/datasource1/driverClassName or is it possible to read the hiera data from the entire /database_model/datasource1/ folder in consul? Please provide some examples. The ones in the reference docs aren't working for this case. Many thanks in advance.
Search

hash lookup in template using scope function

July 25, 2016, 7:39 am
$
0
0
Hi, I want am using following code for hiera lookup which is working fine. YAML --- appname: 'tomcat' Template --- appname: <%= scope().call_function('hiera',['appname'])%> But, now I have values in YAML in hash format and I want to do lookup using $hostname.appname (where hostname should be facter and appname is sub key) e.g. YAML --- agentnode1: appname: 'tomcat' approle: 'webserver' Template --- approle: <%= scope().call_function('hiera',['@hostname.approle'])%> Above lookup is not working as @hostname facter is not getting resolved in this lookup. Also, I tried escaping the quotes but no use. Any ideas?

How can I collect values from Hiera in a hash.

July 28, 2015, 5:42 am
$
0
0
I have wrapper class that I want to use to set up a nginx server, as well as set up firewall ports and selinux ruls. So I have for example this in my hiera data: my_nginx::vhosts: localhost_8081: listen_port: 8081 www_root: /usr/share/nginx/html localhost_8082: listen_port: 8082 www_root: /usr/share/nginx/html I use this in createsources, with the defined type that comes with the nginx module I use, and this works as expected. However I also need to create firewall rules. So I add something like this: iptables::rule { $ports: } This is done using a custom defined type. In order to tell it which ports need to be opened I have this in hiera: my_nginx::ports: - 8081 - 8082 As you can see this means that whenever I add a virtual host to hiera I need to specify the port twice. Is there a way around this? Is there a way to just collect all the "listen_port" values in an array, that I can use to create the iptables::port resources?

What is the convention/best practice store the database related information

July 29, 2016, 8:37 am
$
0
0
I would like to know the convention/best practice that is followed in the puppet managed projects for storing database information. Do you store it in YAML/JSON to be called in hiera or in Consul? How do you store secrets like username/password for DB in keys? Please suggest some best mechanisms and examples if any.

puppetlabs-rabbitmq: multiple routing keys for same binding

August 2, 2016, 9:33 am
$
0
0
How can I create 2 bindings between the same exchange / queue, but with multiple routing keys? This is legal and works when setup manually. I am using create_resources after pulling the bindings from hiera: create_resources(rabbitmq_binding, $bindings, $binding_defaults) where the source looks like: role::rabbitmq::bindings: [...] 'foo.bar.exchange@foo.bar.xyz.queue@/': routing_key: 'foo.bar.xyz.key' ' foo.bar.exchange@foo.bar.xyz.queue@/ ': routing_key: 'foo.bar.xyz.published.key' There's no error, but since there's a duplicate hash key, only one prevails. Just to make sure it wasn't a problem with my use of create_resources, I also tested rabbitmq_binding { 'foo.bar.exchange@foo.bar.xyz.queue@/': user => $admin_user, password => $admin_pass, destination_type => 'queue', routing_key => 'foo.bar.xyz.key', arguments => {}, ensure => present, } rabbitmq_binding { 'foo.bar.exchange@foo.bar.xyz.queue@/': user => $admin_user, password => $admin_pass, destination_type => 'queue', routing_key => 'foo.bar.xyz.published.key', arguments => {}, ensure => present, } and of course there's a duplicate resource error that way. Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Duplicate declaration: Rabbitmq_binding[foo.bar.exchange@foo.bar.xyz.queue@/] is already declared; cannot redeclare at /etc/puppet/modules/role/manifests/rabbitmq.pp:XXX on node foo.example.net I tried making routing_key an array, as well as a comma-delimited string, and even space-padding the hash key (this latter I think might work if I edit the validation rules in the module), and none of that seems to work. It also doesn't seem that there's a way to set the name separately from the resource name, but let me know if I'm wrong there and there's an undocumented way to do this.

Using hiera data in tagmail.conf

August 11, 2016, 11:59 am
$
0
0
Is it possible to use values from hiera variables in the tagmail.conf for mail address instead of hard coding them in tagmail.conf? Basically I want to know if we can do something like this: $send_error_to = hiera('email_to',[]) And use this $send_error_to in the email portion in tagmail.conf like this: [tagmap] crit,emerg,alert,err,warning: $send_error_to And that should send the email to the ids mentioned in hiera. Please provide examples if it's possible. Many thanks!
Viewing all 257 articles
Browse latest View live
Search