Ask Your Question
0

How do I use hiera to include both common and node specific settings?

asked 2015-09-11 13:55:28 -0500

lclegg gravatar image

updated 2015-09-11 15:23:52 -0500

GregLarkin gravatar image

I'm a new Open Puppet V4.2 user so please be gentle with me. No prior experience with Puppet.

I'm trying to use Hiera to have some common items applied to all nodes plus some node specific items. Not either-or but rather both. So far I've successfully gotten either-or to work but not both.

I'm using the deric/accounts module from the forge as the basis for my user/group account management. It works well and meets my needs...sorta...now just need to figure out how to get both common and specific settings.

I'm fairly sure there is something in my syntax that I'm missing but so far nothing I've tried has worked. The end goal again is to get the accounts listed in the common.yaml added to all nodes plus the accounts listed in nodes/FQDN.yaml file applied to the FQDN node specifically. (Of course FQDN in my example is replaced with the actual fqdn of my target node, e.g. not the literal "fqdn".)

The below setup works....if I test on a node other than "gfmpuptest2" I get the contents of the common.yaml added; if I test on gfmpuptest2 then I get only the information from the nodes/gfmpuptest2.yaml added. I need both added.

Here's my hiera setup:

# cat hiera.yaml
---
:backends:
  - yaml

:yaml:
  :datadir: /etc/puppetlabs/code/environments/%{::environment}/hieradata

:hierarchy:
  - "nodes/%{::trusted.certname}"
  - common


# cat /etc/puppetlabs/code/environments/lab/hieradata/common.yaml
---
accounts::groups:
 www-data:
   gid: 33333

# cat /etc/puppetlabs/code/environments/lab/hieradata/nodes/fqdn.yaml
accounts::groups:
 www-data4:
   gid: 43333

# cat /etc/puppetlabs/code/environments/lab/manifests/site.pp
class {'accounts': }

class motd {
   file { '/etc/motd':
     ensure  => file,
     owner   => 'root',
     group   => 'root',
     content => 'Hello world! Puppet is awesome.',
   }
 }

class linux_default {
   include accounts
   include motd
}

and finally here's my nodes.pp

# cat /etc/puppetlabs/code/environments/lab/manifests/nodes.pp
node 'gfmpuptest2'{

  include linux_default

}

node default {
  include linux_default

  file { '/tmp/hello_world':
       ensure => present,
  }
}
edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
1

answered 2015-09-11 15:43:39 -0500

GregLarkin gravatar image

Unfortunately, when you are using Hiera automatic parameter lookup, as you are doing (same as example given on the module documentation page), Puppet only uses the "priority" matching scheme to retrieve data. It loads the data from the first file in the hierarchy, instead of merging data found from all levels in the hierarchy.

See: https://docs.puppetlabs.com/hiera/1/puppet.html#limitations

You can work around that limitation by changing your linux_default class like so:

class linux_default {
  class { 'accounts':
    groups => hiera_hash('accounts::groups', {})
  }

  include motd
}

NOTE: The 2nd parameter of the hiera_hash function is a default value (empty hash) that will be returned in case the key lookup fails for some reason.

All that modification does is override the automatic parameter lookup for the groups attribute with a value of your choice. Note that you should remove the class { 'accounts': } line above in site.pp, as it's declaring the accounts class with default parameters, and it will conflict with the new declaration I have written above.

I guess if you want to always declare the class using the hiera_hash function, you can move that declaration outside of the node { ... } directives like so:

# This class will be declared for all nodes because it appears at the global level in 
# site.pp. It may be a good candidate for wrapping with another class and placing
# in a module elsewhere in the Puppet code hierarchy.
class { 'accounts':
  groups => hiera_hash('accounts::groups', {})
}

# This is a good candidate for placing in a module elsewhere in the Puppet code hierarchy
class motd {
   file { '/etc/motd':
     ensure  => file,
     owner   => 'root',
     group   => 'root',
     content => 'Hello world! Puppet is awesome.',
   }
 }

class linux_default {
   include motd
}

Once you start putting that much class declaration code in site.pp, though, I would start looking at building a module and following these best practices: https://docs.puppetlabs.com/guides/module_guides/bgtm.html

Hope this helps!

edit flag offensive delete link more

Comments

Wow! Thanks. That was the secret sauce I was missing. I have it working like I wanted now...both the common and node specifics are being applied appropriately. Thank you for the guidance. Working my way through all the examples is certainly a learning experience.

lclegg gravatar imagelclegg ( 2015-09-11 16:02:14 -0500 )edit

Great, glad it's working now. Please mark the answer correct when you have a moment, and then other folks can find it, too. Definitely take advantage of the docs.puppetlabs.com site, and you'll find a lot of reference material, best practices guidance, etc.

GregLarkin gravatar imageGregLarkin ( 2015-09-11 16:25:28 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2015-09-11 13:55:28 -0500

Seen: 481 times

Last updated: Sep 11 '15