Hi all,
For a set of Puppet modules which are tightly coupled to hiera, I'm trying to figure out a way to decouple from hiera and provide a suitable way to supply a set of default parameters. A sample class (non-refactored) is shown at [1].
One possible option I though of using is the params class model, which uses a params class to include the default mandatory parameters. By default, the hiera lookups can be commented out so that the default parameters in params class is picked. I referred the ntp puppet module as a reference [2].
wdyt of this method? What would be a cleaner approach?
Thank you!
[1].
#
class foo inherits base {
$foo1 = hiera('foo1param')
$foo2 = hiera('foo2param')
# other logic
}
[2]. https://github.com/puppetlabs/puppetlabs-ntp/blob/master/manifests/init.pp
↧
Refactoring Puppet Modules to Remove the Hiera Coupling
↧
using hiera in .conf file
Please provide examples on how to use hiera lookups inside a .conf file, should that be possible and allowed.
Thanks!
↧
↧
Where i can find hiera v2 as an rpm ?
Hi,
I wonder if Hiera 2+ will be available as RPM ? In [official yum repository](http://yum.puppetlabs.com/el/7/products/x86_64/) i see only 1.3.x versions (2014), while [puppet web site](https://docs.puppet.com/hiera/2.0/release_notes.html) lists 2 (2015) and 3 (2016) versions.
Regards,
Iakov
↧
Is putting operating system specific data in Hiera a bad practice?
I'm working on architecting Puppet, from scratch, for our data center and trying to keep our Hiera hierarchy to a minimum. One of the things we do with our current home-grown configuration management system is have different settings for different OS levels. For example, if we're running Solaris 10, then "ntp" should be running. If Solaris 11, then "ntp4" should be running. In fact, they both have widely different services to be enabled/disabled.
I'm wondering whether or not this should all be handled within the modules or whether or not its an ok practice to configure this in Hiera. It would be much easier to do it all in Hiera where I could just have an array of expected services enabled/disabled.
↧
setting up consul as hiera backend in rspec tests
I'd like to know how to setup consul as hiera backend when we are testing a module using rspec. I see rnelson's blog on setting hiera with rspec but that is based on yaml. I'd like to know how to make the module aware of consul as it's backend while testing that.
Please provide examples. Thanks!
P.S: Right now, I get the error,
Failure/Error: $envValue=hiera('field_to_lookup',[])
Puppet::PreformattedError:
Evaluation Error: Error while evaluating a Function Call, Cannot load backend consul: cannot load such file -- hiera/backend/consul_backend at /home/vagrant/modulename/spec/fixtures/modules/modulename/manifests/tomcat/config_tomcat.pp:7:15 on node localhost.domain.com
↧
↧
Application specific f5 data in hiera
We're trying to come up with a way to group the application specific f5 LTM configurations with the application data in hiera. I'm asking here if anyone has come up with a solution other than just putting all the LTM configuration data into LTM node specific yaml files. Ideally, the LTM configuration for an app would be located somewhere close to the hiera files for the app, so they're easy to find and edit.
↧
puupet not loading hiera data.
Hi all! Iam a newbie to puppet and had a question regarding hiera. We have puppet and hiera already setup with many nodes. I have followed some instructions on signing the puppet node and restarting puppet server agent etc.. but my bottomline problem seems to be that puppet is not applying the yaml "facter" data to the new puupet node Iam trying to add. Any help would be good. Is there a way I can load this hiera data or am I missing something?
Just to add - running "facter" on the node produces all expected data, so that it working. Also a follow up question - do we manually create the ".yaml file or is it created by puppet somehow - sorry this maybe a fundamental question but as I said, I am a newbie to puppet.
Thanks for your time! Appreciate this!
↧
hiera only finding common.yaml and fqdn.yaml
Hi All, I'm working on a new Puppet setup and I'm running into an issue with hiera where it only applies classes found in common.yaml or $fqdn.yaml. The Puppet Server is CentOS 6.8 running puppetserver.noarch 2.5.0-1.el6 @puppetlabs-pc1.
Below is my site.pp, following that is my hiera.yaml
cat site.pp
hiera_include('classes')
File {
backup => false,
}
cat hiera.yaml
---
:backends:
- yaml
:yaml:
:datadir: "/etc/puppetlabs/code/environments/development/hieradata"
:hierarchy:
- "nodes/%{::fqdn}"
- "osfamily/%{::os.family}-%{::os.release.major}"
- "osfamily/%{::os.family}"
- common
Below is the directory structure with directories for osfamily as well as individual nodes.
tree
.
├── common.yaml
├── hiera.yaml
├── nodes
│ ├── dev6.example.com.yaml
│ └── dev7.example.com.yaml
└── osfamily
├── RedHat-6.yaml
├── RedHat-7.yaml
└── RedHat.yaml
The yaml files are very simple since I've been trying to cut everything out while debugging this.
cat common.yaml
---
classes:
- bash
cat nodes/dev6.example.com.yaml
---
classes:
- glibc
cat nodes/dev7.example.com.yaml
---
classes:
- glibc
cat osfamily/RedHat-6.yaml
---
classes:
- postfix
cat osfamily/RedHat-7.yaml
---
classes:
- postfix
cat osfamily/RedHat.yaml
---
classes:
- httpd
I've been browsing the questions related to hiera, and it seems a lot of people have issues similar to this, one person updated to the latest and the issue vanished. I have verified the clients are sending the os.family and os.release.major facts. Thanks for taking a look.
↧
how to setup hiera data in beaker-rspec
How do we set up hieradata in beaker-rspec?
In my base machine, i have successful rspec-puppet unit tests with hieradata and hiera.yaml configured and working.
How do i bring in those setup configurations for hiera into my host machine that is a puppet agent installed by Beaker-rspec?
Please provide examples.
I now get
Error while evaluating a Function Call, Could not find data item service_name in any Hiera data file and no default supplied at /etc/puppetlabs/code/environments/production/modules/nodecheck/manifests/consul.pp
But i have this hieradata in my base machine, not sure how to scp to host.
Thanks in advance.
↧
↧
Hiera Data Provider Classic vs Version 4 Interpolation Behavior
When a variable cannot be resolved in a configured path for hiera v4 the entire lookup fails and nothing is returned. In Hiera classic, the lookup would continue on using the next defined path.
Example v4 hiera.yaml:
---
version: 4
datadir: data
hierarchy:
- name: "Tier"
backend: yaml
path: "%{undefinedvariable}"
Example:
puppet lookup classes --node 'nodeone' --explain --merge unique
...
No such key: "undefinedvariable"
Is this expected behavior? My use case is that not all of my nodes in the same environment have identical facts and if a dynamic path contains a variable that cannot be resolved, I would like the lookup to continue and use the paths that contain variables that can be resolved. Basically, continue to function as Hiera classic does.
---
version: 4
datadir: data
hierarchy:
- name: "Tier"
backend: yaml
path: "%{undefinedvariable}"
Example:
puppet lookup classes --node 'nodeone' --explain --merge unique
...
No such key: "undefinedvariable"
Is this expected behavior? My use case is that not all of my nodes in the same environment have identical facts and if a dynamic path contains a variable that cannot be resolved, I would like the lookup to continue and use the paths that contain variables that can be resolved. Basically, continue to function as Hiera classic does.
↧
Hiera lookup on array of hashes, is it possible?
Hello, I am not sure if this is possible at all, but let me introduce with challenge I am experiencing.
I have this configuration:
cloud::provision:
'strname':
key1: str1
key2: str2
sg_key:
-
protocol: 'tcp'
port: '1111'
cidr: '172.31.0.0/16'
-
protocol: 'tcp'
port: '2222'
cidr: '172.31.0.0/16'
-
protocol: 'tcp'
port: '3333'
cidr: '172.31.0.0/16'
So, I have a lot of these rules (array of hashes) for every security group for every EC2 instance on AWS. I want to simplify whole process and make a lookup like this:
*common.yaml*
lookupkey:
-
protocol: 'tcp'
port: '1111'
cidr: '172.31.0.0/16'
-
protocol: 'tcp'
port: '2222'
cidr: '172.31.0.0/16'
-
protocol: 'tcp'
port: '3333'
cidr: '172.31.0.0/16'
and have this:
cloud::provision:
'strname':
key1: str1
key2: str2
sg_key: "%{hiera('lookupkey')}"
Doing a lookup from CLI (first example), I am getting this response:
{"strname"=>
{"key1"=>"str1",
"key2"=>"str2",
"sg_key"=>
[{"protocol"=>"tcp", "port"=>"1111", "cidr"=>"172.31.0.0/16"},
{"protocol"=>"tcp", "port"=>"2222", "cidr"=>"172.31.0.0/16"},
{"protocol"=>"tcp", "port"=>"3333", "cidr"=>"172.31.0.0/16"}]}}
If I try to do a lookup in second example (with hiera lookup), I am getting this:
{"strname"=>
{"key1"=>"str1",
"key2"=>"str2",
"sg_key"=>
"[{\"protocol\"=>\"tcp\", \"port\"=>\"1111\", \"cidr\"=>\"172.31.0.0/16\"}, {\"protocol\"=>\"tcp\", \"port\"=>\"2222\", \"cidr\"=>\"172.31.0.0/16\"}, {\"protocol\"=>\"tcp\", \"port\"=>\"3333\", \"cidr\"=>\"'172.31.0.0/16\"}]"}}
Is it possible to get non-escaped output? Is this possible at all? It's very uncomfortable to have over 300 instances and have to change SG rules one by one instead on the one place. Thanks.
↧
how to change verify_server_cert value in hiera for ldap module for apache
I'm trying to figure out how to change the verify_server_cert value in hiera and i cannot figure it out. i'm trying to set LDAPTrustedGlobalCert to off in my config. verify_server_cert seems to be the parameter to do it but i just can't fathom it. i've tried:
apache::mod::authnz_ldap::verify_server_cert : false
in hiera
i've even tried explicitly loading the module in my profile with that parameter set but it throws an error saying it's already declared.
Just wondered if anyone had any ideas.
↧
configuring passenger from hiera with puppetlabs-apache module
I'm looking to setup a Passenger app using the puppetlabs-module, configuring via hiera. If I use the following vhost definition it works fine:
web::vhosts:
node.com:
docroot: /var/www/app
serveraliases: "%{fqdn}"
passenger_app_env: production
passenger_pre_start: "http://%{fqdn}/contact"
passenger_min_instances: 3
directories:
- path: /var/www/app
passenger_enabled: "on"
but if I try to define the pool_idle_time for passenger with the following config
web::vhosts:
node.com:
docroot: /var/www/app
serveraliases: "%{fqdn}"
passenger_app_env: production
passenger_pre_start: "http://%{fqdn}/contact"
passenger_min_instances: 3
passenger_pool_idle_time: 0
directories:
- path: /var/www/app
passenger_enabled: "on"
I get an error
> Error: Could not retrieve catalog from> remote server: Error 400 on SERVER:> Invalid parameter> passenger_pool_idle_time on node> abc.co.uk
but from looking at the templates/mod/passenger.conf.erb it looks as if that is an option that can be configured.
↧
↧
How do I express an empty array in Hiera?
I need to override the default value of class parameter for a module which expects an array. I can do this easily enough with traditional Puppet code:
class { 'foo':
bar => []
}
However, I would like to have all the parameters in Hiera using the automatic class parameter lookup. Can this even be done? BTW, I'm using YAML format.
↧
failed: DataBinding 'hiera': undefined method `empty?' for nil:NilClass
Hello,
we just restored puppetserver from backup but after restoration puppet server is not entirely happy.
It gives this error:
/opt/puppetlabs/bin/puppet agent --test
Info: Using configured environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Function Call, Lookup of key 'profile::ruby::packages' failed: DataBinding 'hiera': undefined method `empty?' for nil:NilClass at /etc/puppetlabs/code/modules/profile/manifests/base.pp:2:5 on node ldl.EXAMPLE.COM
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
i am running puppetserver version: **2.5.0**
# puppetserver gem list
*** LOCAL GEMS ***
deep_merge (1.0.1)
hiera-eyaml (2.0.8)
hiera-eyaml-gpg (0.5)
highline (1.6.21)
jar-dependencies (0.1.13)
jruby-openssl (0.9.7 java)
json (1.8.0 java)
mini_portile (0.6.2)
rake (10.1.0)
rdoc (4.1.2)
ruby_gpg (0.3.2)
trollop (2.1.2)
# /opt/puppetlabs/puppet/bin/gem list
*** LOCAL GEMS ***
bigdecimal (1.2.4)
deep_merge (1.0.1)
facter (3.4.1)
hiera (3.2.1)
hiera-eyaml (2.1.0)
hiera-eyaml-gpg (0.6)
highline (1.6.21)
hocon (0.9.3)
io-console (0.4.3)
json (1.8.1)
minitest (4.7.5)
net-ssh (2.9.2)
psych (2.0.5)
puppet (4.6.1)
rake (10.1.0)
rdoc (4.1.0)
semantic_puppet (0.1.2)
stomp (1.3.3)
test-unit (2.1.9.0)
trollop (2.1.2)
# cat /etc/puppetlabs/code/hiera.yaml
---
:backends:
- yaml
- eyaml
:hierarchy:
- "%{::environment}/%{::trusted.certname}"
- "%{::environment}"
- common
:yaml:
:datadir: /etc/puppetlabs/code/hieradata
:eyaml:
:datadir: /etc/puppetlabs/code/hieradata
:merge_behavior: deeper
when i run hiera manually looks like it is working:
# hiera 'profile::ruby::packages' environment=production
["ruby"]
here are manifests that are part of above error
# cat /etc/puppetlabs/code/modules/profile/manifests/base.pp
class profile::base {
include profile::ruby
$useful_packages = hiera("profile::useful::packages")
package {$useful_packages:
ensure => latest,
}
}
# cat /etc/puppetlabs/code/modules/profile/manifests/ruby.pp
class profile::ruby (
$packages = hiera('$profile::ruby::packages'),
$version = hiera('$profile::ruby::version'),
) {
package { $packages:
ensure => $version
}
}
Can anyone point what should be done to fix puppet.?
thanks
Wkg
↧
Set File content via Hiera
Hi,
I am looking for the syntax to set the content for a File resource from hiera. Specifically I want to set the template being used:
# Puppet
class test (
$file_content = undef,
){
file{'/tmp/testfile':
ensure => file,
content => $file_content,
}
}
# Hiera
---
test::file_content: template('modules/test/test.erb')
Since Hiera is returning a string, the template function is not being evaluated.
I am pretty sure I saw this being done somewhere, but I cannot figure out the correct syntax anymore.
↧
merging arrays with the same key
Heya - i've got these in hiera:
profiles::apache::vhosts::vhostsappcommon :
-
docroot: /a/path
docroot_owner : a user
docroot_group : a group
docroot_mode : 'a mode'
log_level: debug
ip_based: true
headers :
- unset somethingspecific
and:
profiles::apache::vhosts::vhostscommon:
-
options : ['FollowSymLinks','MultiViews']
headers:
- unset something
- edit somethingelse
- always append something
- set somethingelse
- set somethingmore
request_headers:
- set blah
- set blah blah
ssl_protocol : -all +TLSv1.2
now i need to merge these two things to make one default apache config. The question is how do i merge these 2 things successfully so that the nested hash request_headers includes all values from both arrays. All the merges i've tried so far ditches everything in favour of the right most array's request_headers values, as per deep_merge's documentation.
Thanks!
↧
↧
Configure puppet razor kickstart templates/variables with hiera from puppet master node, during provisioning of that respective node with help of its "mac" factor.
Hello,
My ultimate goal is to have puppet master take care of node deployment configuration even before OS gets deployed. That is puppet master configuring kickstart templates/disk partitions of a node with help of facts on puppet razor and hiera with role/profile pattern.
To be more specific. Our environment needs different disk partitions/kickstart passwords/kickstart templates depending on the role/profile/cluster of the node. All this data cannot be received from factor and instead has to come from a CMDB/hiera. We are already used to configuring nodes post OS deployment with the help of role/profile pattern and using hiera to distribute the data across the hierarchy.
I am just trying out puppet razor and its features, thinking it would solve this problem of receiving kicstart data about a node from hiera depending on its mac-address. I would also like to configure hostname depending on the node mac-address which it would receive from hiera.
I could accomplish the above by using puppet and hiera, and manually enter kickstart data on hiera for razor node and configure with puppet - but in this case - I will need me to mention all the kickstart static data of all the nodes as "razor node data on hiera". I do not want to create a huge set of static data for razor node. I would instead want the kickstart template on puppet razor node to be automatically populated whenever that respective node gets deployed through razor.
In short this is the hierarchy that i have..
---
:backends:
- yaml
- eyaml
:yaml:
:datadir: "<>"
:eyaml:
:datadir: "<>"
:pkcs7_private_key: /<>
:pkcs7_public_key: /<>
:hierarchy:
- "nodes/%{::trusted.certname}"
- "mac/%{::mac}"
- "virtual/%{::virtual}"
- "role/%{role}"
- "cluster/%{cluster}"
- "os/%{::operatingsystem}/%{::operatingsystemmajrelease}"
- common
:merge_behavior: deep
:logger: puppet
I would want to specify data as follows:
mac/ef:as:as:sg:as:fg
"disk partitiion": "<>"
cluster/test
"disk partition":<>
role/test
"disk partition":<>
I would then want the respective node during node provisioning to pick up the above data from hiera depending on its facts "::mac", and use the data in kickstart template/pxe templates etc...
That would help me keep all the configuration data for a node at one place(hiera), and not repeat it or use some other tool to do the same with some other database.
Please let me know, if anyone has any ideas on how to accomplish the above.
Thanks,
↧
New hiera with old puppet
Hello,
I'm trying to get hiera *3.x* to work with Puppet *3.7.2* (which comes with hiera *1.3.4*). The main reason being what I want to get deep_merge knockout behavior working via hiera.
However, installing the hiera gem via
> gem install hiera
Results in an update command-line interface version of hiera but puppet keeps using the *1.3.4* installation. I cannot for the life of me find the configuration setting which tells puppet what hiera to use.
If anyone has any clue I'd be forever grateful.
Yours kindly,
Chris
↧
Custom facts in hiera hierachy not working in CentOS 7
I'm trying to debug a problem where the custom facts from a node are not being used correctly when looking for hiera data. This is my hiera.yaml file:
---
:backends:
- eyaml
- yaml
:hierarchy:
- "nodes/%{::trusted.certname}"
- "role/%{::instance_role}"
- "environments/%{::environment}"
- certs
- common
:yaml:
# datadir is empty here, so hiera uses its defaults:
# - /etc/puppetlabs/code/environments/%{environment}/hieradata on *nix
# - %CommonAppData%\PuppetLabs\code\environments\%{environment}\hieradata on Windows
# When specifying a datadir, make sure the directory exists.
:datadir:
When I use this with a CentOS 6 node (vagrant box) and /opt/puppetlabs/facter/facts.d/instance_role.txt is set to:
instance_role=web
This works fine. However with the same setup on CentOS 7 (vagrant box) it gives:
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Function Call, Could not find data item haproxy::listen in any Hiera data file and no default supplied at /etc/puppetlabs/code/environments/dev/site/profile/manifests/haproxy.pp:41:40 on node vagrant.example.com
If I change "role/%{::instance_role}" to "role/web" in hiera.yaml, then that works fine, but it doesn't look like puppet is passing on the custom fact on CentOS 7.
Using puppet 4.7.0, hiera 3.2.1, facter 3.4.1
↧