Ask Your Question
0

how to use hiera to set class parameters?

asked 2015-02-16 15:41:41 -0500

Red Cricket gravatar image

updated 2015-02-16 15:42:49 -0500

Hi,

I am trying to figure out how to use hiera for setting the values for class parameters. I am testing things out with two simple classes: testhiera and testhiera2

Here are those classes:

[root@puppet-el7-001 modules]# cat testhiera/manifests/init.pp 
class testhiera (
        $haproxy_cert_content = 'unknown' ,
) {

        notify {"cert is $haproxy_cert_content":}
}
[root@-puppet-el7-001 modules]# cat testhiera2/manifests/init.pp 
class testhiera2 (
        $haproxy_cert_content = 'unknown' ,
) {

        notify {"number two cert is $haproxy_cert_content":}
}

here is my /etc/puppletlabs/puppet/hiera.yaml file

---
:backends:
  - yaml
:hierarchy:
  - defaults
  - "%{clientcert}"
  - "%{environment}"
  - global

:yaml:
# datadir is empty here, so hiera uses its defaults:
# - /var/lib/hiera on *nix
# - %CommonAppData%\PuppetLabs\hiera\var on Windows
# When specifying a datadir, make sure the directory exists.
  :datadir: /root/puppetmaster/hiera/ost-el7

and I have this file /root/puppetmaster/hiera/ost-el7/defaults.yaml

a side question: Do I have to name the file "defaults.yaml"? How could I use another file name?

---
testhiera::haproxy_cert_content: "\n
-----BEGIN CERTIFICATE-----\n
blah blah blha\n
-----END RSA PRIVATE KEY-----\n
blah blah blha\n
-----BEGIN CERTIFICATE-----\n
blah blah blha\n
-----END CERTIFICATE-----\n
"

When I execute my puppet classes like so ...

# puppet apply -e 'include testhiera'

... I get the expected output:

Notice: Compiled catalog for puppet-el7-001.cisco.com in environment production in 0.08 seconds
Notice: cert is 
 -----BEGIN CERTIFICATE-----
 blah blah blha
 -----END RSA PRIVATE KEY-----
 blah blah blha
 -----BEGIN CERTIFICATE-----
 blah blah blha
 -----END CERTIFICATE-----

Notice: /Stage[main]/Testhiera/Notify[cert is 
 -----BEGIN CERTIFICATE-----
 blah blah blha
 -----END RSA PRIVATE KEY-----
 blah blah blha
 -----BEGIN CERTIFICATE-----
 blah blah blha
 -----END CERTIFICATE-----
 ]/message: defined 'message' as 'cert is 
 -----BEGIN CERTIFICATE-----
 blah blah blha
 -----END RSA PRIVATE KEY-----
 blah blah blha
 -----BEGIN CERTIFICATE-----
 blah blah blha
 -----END CERTIFICATE-----
 '
Notice: Finished catalog run in 0.17 seconds

My question is what is the best way to get thehaproxycertcontent data to the testhiera2 class? Do I have to change my defaults.yaml file to look like this ...

---
testhiera::haproxy_cert_content: "\n
-----BEGIN CERTIFICATE-----\n
blah blah blha\n
-----END RSA PRIVATE KEY-----\n
blah blah blha\n
-----BEGIN CERTIFICATE-----\n
blah blah blha\n
-----END CERTIFICATE-----\n
"
testhiera2::haproxy_cert_content: "\n
-----BEGIN CERTIFICATE-----\n
blah blah blha\n
-----END RSA PRIVATE KEY-----\n
blah blah blha\n
-----BEGIN CERTIFICATE-----\n
blah blah blha\n
-----END CERTIFICATE-----\n
"

... basically just cut--n-pasting the lines and changing the testhiera to testhiera2?

I hope someone can show me a better way to do this.

Thanks

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
1

answered 2015-02-17 05:09:12 -0500

ActionJack gravatar image

Hiera Interpolation is your friend see here with it your hiera yaml files look like this:

testhiera2::haproxy_cert_content: "%{hiera('testhiera::haproxy_cert_content')}"

You also might want to try using a YAML 'literal block' (using |) to save you time adding \n to every line e.g.

testhiera::haproxy_cert_content: |
  -----BEGIN CERTIFICATE-----
  blah blah blha
  -----END RSA PRIVATE KEY-----
  blah blah blha
  -----BEGIN CERTIFICATE-----
  blah blah blha
  -----END CERTIFICATE-----

Side answer : Do I have to name the file "defaults.yaml"? How could I use another file name?

No you don't have to use defaults.yaml you can use what ever name you like e.g. common, it's just the prefix for the filename you want to use. So if your defaults are in common.yaml, then it would look like this:

:hierarchy:
  - common
  - "%{clientcert}"
  - "%{environment}"
  - global

The hierarchy just informs hiera/puppet to use the following files to find it's configuration i.e.

common.yaml -> hostname.yaml -> production.yaml -> global.yaml
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2015-02-16 15:41:41 -0500

Seen: 260 times

Last updated: Feb 16 '15