Ask Your Question

Refreshing Hiera data or other "dynamic" data sources

asked 2015-11-23 09:16:00 -0600

dmdamiyo gravatar image

Hello all,

I've got a question about Hiera or any other possibility to make data dynamic. Currently in our config we use Hiera to have our data and code separated.

So in the manifest we have a piece of code like:

$variable = hiera('some_variable', '')

'some_variable' is now in a YAML file and was put there manually.

Now imagine that normally we keep 'some_variable' in some external data repository (database, LDAP). And I have means (a script) to create a proper YAML file out of this external source. Is there a possibility to include somehow this newly created YAML file in Hiera during a puppet run?

So I'd like to modify the value in the database and forget about everything, and Puppet should execute my script to create a YAML file, and make values from the YAML file available to query in the manifest.

Or maybe I can execute my script to create YAML outside of Puppet, put the file in a git repository and then clone it during the Puppet run?

I'd appreciate hints on how to achieve what I described.

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2015-11-23 10:28:41 -0600

ramindk gravatar image

There are a few options here and really depends on the amount of process you need.

Hiera supports a number of backends including hiera-redis, hiera-ldap, and hiera-mysql. You could use Hiera with one of these or write your own adapter to an internal service.

This talk from Puppet Conf 2013 is about using a data layer to drive Puppet. The problem is that you need a front end to the datalayer that support auth, authorization, logging, etc to use it effectively. If you already have those services around your current backend, all the more reason to use it.

The solution I went with at a previous company was to use the YAML backend with the Puppet repo. I also specified a JSON hiera backend. I generated json from our internal data systems as a release and pushed it to the servers. I liked users and system sbeing able to update the data that drove Puppet, but I wanted a gate for the release. This worked well, but was a small shop. A more automated process would be needed in a larger system.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2015-11-23 09:16:00 -0600

Seen: 207 times

Last updated: Nov 23 '15