There is indeed a  global hiera.yaml file:
# cat /etc/puppetlabs/puppet/hiera.yaml
---
# Hiera 5 Global configuration file

version: 5

# defaults:
#   data_hash: yaml_data
# hierarchy:
#  - name: Common
#    data_hash: yaml_data
hierarchy: []

Top level environment hiera looks good:
# cat /etc/puppetlabs/code/environments/production/hiera.yaml
---
version: 5
defaults:
  # The default value for "datadir" is "data" under the same directory as 
the hiera.yaml
  # file (this file)
  # When specifying a datadir, make sure the directory exists.
  # See https://puppet.com/docs/puppet/latest/environments_about.html for 
further details on environments.
  datadir: data
  data_hash: yaml_data
hierarchy:
  - name: "Per-node data"                   # Human-readable name.
    path: "nodes/%{trusted.certname}.yaml"  # File path, relative to 
datadir.

  - name: "Per-OS defaults"
    path: "os/%{facts.os.family}.yaml"

  - name: "Common data"
    path: "common.yaml"

There is no associated branch or alike in this instance.

Here's the puppet lookup output with --explain:

# puppet lookup --node lhcsrvprdidm02.fixnetix.com grubipv6disable::enable 
--explain
Searching for "lookup_options"
  Global Data Provider (hiera configuration version 5)
    Using configuration "/etc/puppetlabs/puppet/hiera.yaml"
    No such key: "lookup_options"
  Environment Data Provider (hiera configuration version 5)
    Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"
    Merge strategy hash
      Hierarchy entry "Per-node data"
        Path 
"/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvprdidm02.fixnetix.com.yaml"
          Original path: "nodes/%{trusted.certname}.yaml"
          No such key: "lookup_options"
      Hierarchy entry "Per-OS defaults"
        Path 
"/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"
          Original path: "os/%{facts.os.family}.yaml"
          Path not found
      Hierarchy entry "Common data"
        Path "/etc/puppetlabs/code/environments/production/data/common.yaml"
          Original path: "common.yaml"
          Path not found
  Module "grubipv6disable" Data Provider (hiera configuration version 5)
    Using configuration 
"/etc/puppetlabs/code/environments/production/modules/grubipv6disable/hiera.yaml"
    Merge strategy hash
      Hierarchy entry "osfamily/major release"
        Merge strategy hash
          Path 
"/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat/7.yaml"
            Original path: 
"os/%{facts.os.name}/%{facts.os.release.major}.yaml"
            Path not found
          Path 
"/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat/7.yaml"
            Original path: 
"os/%{facts.os.family}/%{facts.os.release.major}.yaml"
            Path not found
          Path 
"/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat/3.10.0-1127.13.1.el7.x86_64.yaml"
            Original path: 
"os/%{facts.os.family}/%{facts.kernelrelease}.yaml"
            Path not found
      Hierarchy entry "osfamily"
        Merge strategy hash
          Path 
"/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat.yaml"
            Original path: "os/%{facts.os.name}.yaml"
            Path not found
          Path 
"/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat.yaml"
            Original path: "os/%{facts.os.family}.yaml"
            Path not found
      Hierarchy entry "common"
        Path 
"/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/common.yaml"
          Original path: "common.yaml"
          No such key: "lookup_options"
Searching for "grubipv6disable::enable"
  Global Data Provider (hiera configuration version 5)
    Using configuration "/etc/puppetlabs/puppet/hiera.yaml"
    No such key: "grubipv6disable::enable"
  Environment Data Provider (hiera configuration version 5)
    Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"
    Hierarchy entry "Per-node data"
      Path 
"/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvprdidm02.fixnetix.com.yaml"
        Original path: "nodes/%{trusted.certname}.yaml"
        Found key: "grubipv6disable::enable" value: false

Thanks,
Dan.


On Monday, September 28, 2020 at 2:23:49 PM UTC+1 Martin Alfke wrote:

> In this case it is hiera.
>
> Can you please check:
> - that there is no global hiera.yaml file in 
> /etc/puppetlabs/puppet/hiera.yaml or, that the data paths mentioned in that 
> file are empty
> - that node is the top level environment in your environment hiera.yaml 
> file (/etc/puppetlabs/code/environment/<environment>/hiera.yaml
> - that your Puppet code changes are done in production environment and not 
> within a feature branch or: if you use a feature branch: that the data fir 
> enabling/disabling the flag is also in environment hiera data
>
> Can you run the puppet lookup command again using the ‘--explain’ 
> parameter?
>
> Hth,
> Martin
>
>
> On 28. Sep 2020, at 15:18, djc...@gmail.com <djc...@gmail.com> wrote:
>
> Thanks again Martin,
>
> I've changed the code as per recommended.  However, the same issue still 
> persists.  I'm starting to think that the issue is not code related but 
> lies elsewhere
>
> # puppet agent --no-daemonize --onetime --verbose
> Info: Using configured environment 'production'
> Info: Retrieving pluginfacts
> Info: Retrieving plugin
> Info: Retrieving locales
> Info: Loading facts
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Server Error: Evaluation Error: Error while evaluating a Resource 
> Statement, Class[Grubipv6disable]: expects a value for parameter 'enable' 
> (file: /etc/puppetlabs/code/environments/production/manifests/site.pp, 
> line: 12, column: 3) on node lhcsrvprdidm02.fixnetix.com
> Info: Using cached catalog from environment 'production'
> Info: Applying configuration version '1601218290'
> Notice: Applied catalog in 1.95 seconds
>
> I've checked if a lookup checks-out ok:
>
> # puppet lookup --node lhcsrvprdidm02.fixnetix.com grubipv6disable::enable
> --- false
>
> Thanks,
> Dan.
>
>
>
> On Monday, September 28, 2020 at 11:54:42 AM UTC+1 Martin Alfke wrote:
>
>> Hi Dan,
>>
>> I would write the grubipv6disable class in another way:
>>
>> class grubipv6disable (
>>   Boolean $enable,
>> ) {
>>   if $enable {
>>     contain grubipv6disable::config
>>   }
>> }
>>
>> And keep the grubipv6disable::config class as is:
>>
>> class grubipv6disable::config (
>> ){
>>
>>   if $facts['os']['release']['major'] =~ /7/ {
>>     exec { 'grub2_ipv6_disable':
>>       command => '/usr/sbin/grubby --update-kernel=ALL 
>> --args=ipv6.disable=1',
>>       unless  => '/usr/sbin/grubby --info=ALL | /usr/bin/grep ipv6'
>>     }
>>   } else {
>>     notice ('Assuming RHEL 6.x thus taking no action')
>>   }
>> }
>>
>> Parameters, like variables, are always local to a class.
>>
>> Best,
>> Martin
>>
>>
>> On 28. Sep 2020, at 12:03, djc...@gmail.com <djc...@gmail.com> wrote:
>>
>> Thanks for that Martin,
>>
>> I seem to have unearthed a different issue:
>>
>> # puppet agent --no-daemonize --onetime --verbose
>> Error: Could not retrieve catalog from remote server: Error 500 on 
>> SERVER: Server Error: Evaluation Error: Error while evaluating a Resource 
>> Statement, Class[Grubipv6disable]: expects a value for parameter 'enable' 
>> (file: /etc/puppetlabs/code/environments/production/manifests/site.pp, 
>> line: 12, column: 3) on node lhcsrvprdidm02.fixnetix.com
>>
>> # pwd
>> /etc/puppetlabs/code/environments/production/modules/grubipv6disable
>> # more manifests/init.pp
>> class grubipv6disable (
>>   Boolean $enable,
>> ) {
>>   contain grubipv6disable::config
>>   }
>>
>> # more manifests/config.pp
>> class grubipv6disable::config (
>>   Boolean $enable = true,
>> ){
>>  if $enable {
>>   if $facts['os']['release']['major'] =~ /7/ {
>>     exec { 'grub2_ipv6_disable':
>>       command => '/usr/sbin/grubby --update-kernel=ALL 
>> --args=ipv6.disable=1',
>>       unless  => '/usr/sbin/grubby --info=ALL | /usr/bin/grep ipv6'
>>      }
>>   } else {
>>       notice ('Assuming RHEL 6.x thus taking no action')
>>     }
>>  }
>> }
>>
>> # pwd
>> /etc/puppetlabs/code/environments/production/data
>> # more nodes/lhcsrvprdidm02.fixnetix.com.yaml
>> ---
>> grubipv6disable::enable: false
>>
>> Seems hiera is not being read.
>>
>> Any further help you can provide would be appreciated
>>
>> Thanks,
>> Dan.
>> On Friday, September 18, 2020 at 12:43:26 PM UTC+1 Martin Alfke wrote:
>>
>>> Add a parameter to grubipv6disable class which controls the internal 
>>> behaviour.
>>>
>>> https://puppet.com/docs/puppet/6.17/lang_classes.html#class-parameters-and-variables
>>>
>>> e.g.
>>>
>>> # modules/grubipv6disable/manifests/init.pp
>>> class grubipv6disable (
>>>   Boolean $enable = true,
>>> ){
>>>   if $enable {
>>>     # add here the code from the class.
>>>   }
>>> }
>>>
>>> Now you add hiera.yaml to your control-repo and add node specific data.
>>> https://puppet.com/docs/puppet/6.17/hiera_intro.html
>>>
>>> e.g.
>>> data/nodes/<nodename>.yaml
>>> ---
>>> grubipv6disable::enable: false
>>>
>>> Hth,
>>> Martin
>>>
>>>
>>> On 17. Sep 2020, at 19:19, djc...@gmail.com <djc...@gmail.com> wrote:
>>>
>>> Hello experts,
>>>
>>> I apply all my current classes like so:
>>>
>>> # cat site.pp
>>>
>>> node default {
>>>   class { 'selinux':
>>>     mode => 'permissive',
>>>     type => 'targeted',      }
>>>   class { 'commonpackages':  }
>>>   class { 'polkit':          }
>>>   class { 'libstoragemgmt':  }
>>>   class { 'rngd':            }
>>>   class { 'gssproxy':        }
>>>   class { 'smartd':          }
>>>   class { 'firewalld':       }
>>>   class { 'grubipv6disable': }
>>>   class { 'grubrootpasswd':  }
>>>   class { 'grubcrash':       }
>>>   class { 'logrotate':       }
>>>   class { 'htop':            }
>>>   class { 'vim':             }
>>>   class { 'yum':             }
>>>   class { 'yumlocalrepo':    }
>>>   class { 'sysctl':          }
>>>   class { 'sysconfig':       }
>>>   class { 'bashrc':          }
>>>   class { 'vault':           }
>>>   class { 'useradd':         }
>>>   class { 'crontab':         }
>>>   class { 'modprobe':        }
>>>   class { 'rsyslogd':        }
>>>   class { 'sudoers':         }
>>>   class { 'motd':            }
>>>   class { 'pam':             }
>>>   class { 'issue':           }
>>>   class { 'issuenet':        }
>>>   class { 'limits':          }
>>>   class { 'timezone':        }
>>>   class { 'profiled':        }
>>>   class { 'pulpconsumer':    }
>>>   class { 'resolver':        }
>>>   class { 'aide':            }
>>>   class { 'autofs':          }
>>>   class { 'vmtoolsd':        }
>>>   class { 'ntpd':            }
>>>   class { 'postfix':         }
>>>   class { 'auditd':          }
>>>   class { 'sshd':            }
>>>   class { 'idmclient':       }
>>> }
>>>
>>> However, it's now become apparent that I need to exclude the 
>>> grubipv6disable from some nodes (all have idm0 in their hostname).
>>>
>>> What is the best way (or the less complicated) to achive this?
>>>
>>> Thanks in advance.
>>> Dan.
>>>
>>> -- 
>>> You received this message because you are subscribed to the Google 
>>> Groups "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send 
>>> an email to puppet-users...@googlegroups.com.
>>> To view this discussion on the web visit 
>>> https://groups.google.com/d/msgid/puppet-users/e0226cb0-a8d9-4767-afa7-093c89358063n%40googlegroups.com
>>>  
>>> <https://groups.google.com/d/msgid/puppet-users/e0226cb0-a8d9-4767-afa7-093c89358063n%40googlegroups.com?utm_medium=email&utm_source=footer>
>>> .
>>>
>>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com.
>>
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/b168cfbc-a37a-4ecd-b394-223de8580440n%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/puppet-users/b168cfbc-a37a-4ecd-b394-223de8580440n%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
>>
>>
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users...@googlegroups.com.
>
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/6ce33b24-d9e3-4c5d-bb9f-9295f900db36n%40googlegroups.com
>  
> <https://groups.google.com/d/msgid/puppet-users/6ce33b24-d9e3-4c5d-bb9f-9295f900db36n%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/7333f66c-a7c7-4a64-9013-6dc248f00fafn%40googlegroups.com.

Reply via email to