subject:"\[Puppet Users\] hiera"

Re: [Puppet Users] Hiera: Using mapped_paths with a hashmap

2024-09-04 Thread 'Dirk Heinrichs' via Puppet Users

Am Mittwoch, dem 04.09.2024 um 10:00 + schrieb 'Dirk Heinrichs' via Puppet
Users:

However, if the given fact is a hash, then

- name: Foo

mapped_paths: [facts.foo, name, "foo/%{name}.yaml"]

Got it: The path template must look like "foo/%{name.0}.yaml" to access the key.

Bye...

Dirk

Dirk Heinrichs
Senior Systems Engineer, Delivery Pipeline
OpenText ™ Discovery | Recommind
Phone: +49 2226 15966 18
Email: dhein...@opentext.com
Website:
www.recommind.de
Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan,
Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646
This e-mail may contain confidential and/or privileged information. If you are
not the intended recipient (or have received this e-mail in error) please
notify the sender immediately and destroy this e-mail. Any unauthorized
copying, disclosure or distribution of the material in this e-mail is strictly
forbidden
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen.
Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten
haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail.
Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nicht
gestattet.

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/ded6a3ad3c82d3309281bf758c6408a8271c3e87.camel%40opentext.com.

[Puppet Users] Hiera: Using mapped_paths with a hashmap

2024-09-04 Thread 'Dirk Heinrichs' via Puppet Users

Hi,

the Hiera documentation says that the "mapped_paths" method can be used with
either an Array or Hash: "A fact that is a collection (array or hash) of
values. Hiera expands these values to produce an array of paths."

Using it with an Array is quite easy, since the documentation also has an
example for this. However, if the given fact is a hash, then

- name: Foo

mapped_paths: [facts.foo, name, "foo/%{name}.yaml"]

produces paths like:

.../foo/["key", "value"].yaml

How can I access the key and/or value separately, or only operate on an Array
of keys (or values)

Thanks...

Dirk

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/7e40f70369579162512a2c702ad2646a6b773c69.camel%40opentext.com.

Re: [Puppet Users] hiera, template and array

2023-03-30 Thread Laci D

*puppetlabs-ntp* doesn't support FreeBSD.
I do use this module to manage ntp on Ubuntu.

On Wednesday, March 29, 2023 at 4:44:21 PM UTC-4 LinuxDan wrote:

> Silly question:  Why not use 
> https://forge.puppet.com/modules/puppetlabs/ntp  ?
> ___
> *Dan White : d_e_...@icloud.com*
> “Sometimes I think the surest sign that intelligent life exists elsewhere 
> in the universe is that none of it has tried to contact us.” 
> Bill Waterson (Calvin & Hobbes)
>
> On Mar 28, 2023, at 10:30 AM, Laci D  wrote:
>
> I tried both epp and erb templates.
>
> This is the manifest file:
>
> class site::profiles::ntp {
> $ntp = hiera_hash('ntp')
>
> case $::operatingsystem {
> 'freebsd': {
>file { "/etc/ntp.conf":
>ensure  => file,
>recurse => true,
>purge   => true,
>force   => true,
>owner   => "root",
>group   => 0,
>mode=> "0644",
>content => template('site/ntp/ntp.conf.epp'),
>#content => template('site/ntp/ntp.conf.erb'),
>}
>service { 'ntpd':
>ensure => 'running',
>enable => true,
>}
>service { 'ntpdate':
>enable => true,
>}
> }
> default: {
>
>  class { 'ntp':
>servers => $ntp['servers'],
>  }
>
>}
>}
> }
>
>
> The template:
>
> templates/ntp/ntp.conf.epp
> <% @ntp[’servers’].each { |server| -%>
> server: <%= server %>
> <% } -%>
>
> And this is the hiera (as of now there is only one ntp server but there'll 
> be more in the future):
> ntp:
>   servers:
> - 169.254.169.123
>
> Martin with the latest change I'm getting:
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Server Error: Evaluation Error: Error while evaluating a Resource 
> Statement, Evaluation Error: Error while evaluating a Function Call, Failed 
> to parse template site/ntp/ntp.conf.epp:
>   Filepath: /etc/puppetlabs/code/modules/site/templates/ntp/ntp.conf.epp
>   Line: 3
>   Detail: undefined local variable or method `’servers’' for 
> #
>  (file: /etc/puppetlabs/code/modules/site/manifests/profiles/ntp.pp, line: 
> 14, column: 31) 
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
> On Tuesday, March 28, 2023 at 10:08:43 AM UTC-4 Martin Alfke wrote:
>
>> My example is an epp template.
>>
>> What name does the variable have? $ntp? And: is this a hash with servers 
>> key set to an array?
>>
>> In this case your erb (!) template can look like the following:
>>
>> <% @ntp[’servers’].each { |server| -%>
>> server: <%= server %>
>> <% } -%>
>>
>> On 28. Mar 2023, at 14:37, Laci D  wrote:
>>
>> Thank you Martin!
>>
>> I used your example and I think something is missing.
>> Since "servers" is under "ntp" in the hiera file (see example in my 
>> original email) maybe we need to define that in the erb file?
>>
>>
>> Error: Could not retrieve catalog from remote server: Error 500 on 
>> SERVER: Internal Server Error: org.jruby.exceptions.SyntaxError: 
>> (SyntaxError) 
>> /etc/puppetlabs/code/modules/site/templates/ntp/ntp.conf.erb:6: syntax 
>> error, unexpected tSTRING_BEG
>> _erbout.<< "server: ".freeze; _erbout.<<((...
>>^
>> Warning: Not using cache on failed catalog
>> Error: Could not retrieve catalog; skipping run
>>
>> On Tuesday, March 28, 2023 at 2:57:23 AM UTC-4 Martin Alfke wrote:
>>
>>> You must iterate as servers is an array:
>>>
>>> <% $servers.each |$server| { -%>
>>> server: <%= $server %>
>>> <%- } -%>
>>>
>>> On 27. Mar 2023, at 22:21, Laci D  wrote:
>>>
>>> I'm working on defining NTP servers from Hiera.
>>>
>>> For Linux servers I have been using *puppetlabs-ntp*, which has been 
>>> working nicely. Now I need to add support for FreeBSD. Above module doesn't 
>>> support FreeBSD but I can edit ntp.conf with *file* resource type. 
>>>
>>> This is where things got complicated, *file* adds extra ["..."] around 
>>> the value form hiera, since it's an array. Array type is required for 
>>> *puppetlabs-ntp*
>>> Question is how can I get rid of the extra squarely braces and double 
>>> quotes?
>>> Rather than using a static file I'd like to stick to hiera since the ntp 
>>> can very based on datacenter.
>>>
>>> /etc/ntp.conf
>>> server ["169.254.169.123"]
>>>
>>> *Desired /etc/ntp.conf*
>>> server 169.254.169.123
>>>
>>> hieradata/site.yaml
>>> ntp:
>>>   servers:
>>> - 169.254.169.123
>>>
>>> templates/ntp/ntp.conf.erb
>>> server <%= @ntp['servers'] %>
>>>
>>> -- 
>>> You received this message because you are subscribed to the Google 
>>> Groups "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send 
>>> an email to puppet-users...@googleg

Re: [Puppet Users] hiera, template and array

2023-03-29 Thread 'Dan White' via Puppet Users

Silly question:  Why not use https://forge.puppet.com/modules/puppetlabs/ntp  ?
___
Dan White : d_e_wh...@icloud.com
“Sometimes I think the surest sign that intelligent life exists elsewhere in 
the universe is that none of it has tried to contact us.” 
Bill Waterson (Calvin & Hobbes)

> On Mar 28, 2023, at 10:30 AM, Laci D  wrote:
> 
> I tried both epp and erb templates.
> 
> This is the manifest file:
> 
> class site::profiles::ntp {
> $ntp = hiera_hash('ntp')
> 
> case $::operatingsystem {
> 'freebsd': {
>file { "/etc/ntp.conf":
>ensure  => file,
>recurse => true,
>purge   => true,
>force   => true,
>owner   => "root",
>group   => 0,
>mode=> "0644",
>content => template('site/ntp/ntp.conf.epp'),
>#content => template('site/ntp/ntp.conf.erb'),
>}
>service { 'ntpd':
>ensure => 'running',
>enable => true,
>}
>service { 'ntpdate':
>enable => true,
>}
> }
> default: {
> 
>  class { 'ntp':
>servers => $ntp['servers'],
>  }
> 
>}
>}
> }
> 
> 
> The template:
> 
> templates/ntp/ntp.conf.epp
> <% @ntp[’servers’].each { |server| -%>
> server: <%= server %>
> <% } -%>
> 
> And this is the hiera (as of now there is only one ntp server but there'll be 
> more in the future):
> ntp:
>   servers:
> - 169.254.169.123
> 
> Martin with the latest change I'm getting:
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Server Error: Evaluation Error: Error while evaluating a Resource Statement, 
> Evaluation Error: Error while evaluating a Function Call, Failed to parse 
> template site/ntp/ntp.conf.epp:
>   Filepath: /etc/puppetlabs/code/modules/site/templates/ntp/ntp.conf.epp
>   Line: 3
>   Detail: undefined local variable or method `’servers’' for 
> #
>  (file: /etc/puppetlabs/code/modules/site/manifests/profiles/ntp.pp, line: 
> 14, column: 31) 
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
> On Tuesday, March 28, 2023 at 10:08:43 AM UTC-4 Martin Alfke wrote:
>> My example is an epp template.
>> 
>> What name does the variable have? $ntp? And: is this a hash with servers key 
>> set to an array?
>> 
>> In this case your erb (!) template can look like the following:
>> 
>> <% @ntp[’servers’].each { |server| -%>
>> server: <%= server %>
>> <% } -%>
>> 
>> 
>>> On 28. Mar 2023, at 14:37, Laci D > wrote:
>>> 
>> 
>>> Thank you Martin!
>>> 
>>> I used your example and I think something is missing.
>>> Since "servers" is under "ntp" in the hiera file (see example in my 
>>> original email) maybe we need to define that in the erb file?
>>> 
>>> 
>>> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
>>> Internal Server Error: org.jruby.exceptions.SyntaxError: (SyntaxError) 
>>> /etc/puppetlabs/code/modules/site/templates/ntp/ntp.conf.erb:6: syntax 
>>> error, unexpected tSTRING_BEG
>>> _erbout.<< "server: ".freeze; _erbout.<<((...
>>>^
>>> Warning: Not using cache on failed catalog
>>> Error: Could not retrieve catalog; skipping run
>>> 
>>> On Tuesday, March 28, 2023 at 2:57:23 AM UTC-4 Martin Alfke wrote:
 You must iterate as servers is an array:
 
 <% $servers.each |$server| { -%>
 server: <%= $server %>
 <%- } -%>
 
 
> On 27. Mar 2023, at 22:21, Laci D > wrote:
> 
 
> I'm working on defining NTP servers from Hiera.
> 
> For Linux servers I have been using puppetlabs-ntp, which has been 
> working nicely. Now I need to add support for FreeBSD. Above module 
> doesn't support FreeBSD but I can edit ntp.conf with file resource type. 
> 
> This is where things got complicated, file adds extra ["..."] around the 
> value form hiera, since it's an array. Array type is required for 
> puppetlabs-ntp
> Question is how can I get rid of the extra squarely braces and double 
> quotes?
> Rather than using a static file I'd like to stick to hiera since the ntp 
> can very based on datacenter.
> 
> /etc/ntp.conf
> server ["169.254.169.123"]
> 
> Desired /etc/ntp.conf
> server 169.254.169.123
> 
> hieradata/site.yaml
> ntp:
>   servers:
> - 169.254.169.123
> 
> templates/ntp/ntp.conf.erb
> server <%= @ntp['servers'] %>
> 
 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users...@googlegroups.com <>.
> To view this disc

Re: [Puppet Users] hiera, template and array

2023-03-29 Thread Laci D

The following configuration is finally working, yay! 
I replaced "servers" with "*ntp_host*" in hiera to have a clean separation 
between "server" and "servers".

Thank you for the help!


templates/ntp/ntp.conf.erb
# File is managed by Puppet

<% if @ntp['ntp_host'] -%>
server <%= @ntp['ntp_host'].join("\nserver ") %> iburst
<% end -%>

restrict default limited kod nomodify notrap noquery nopeer
restrict source  limited kod nomodify notrap noquery
restrict -6 default ignore
restrict 127.0.0.1
restrict ::1

server 127.127.1.0
fudge 127.127.1.0 stratum 10
tos minclock 3 maxclock 6
driftfile /var/db/ntpd.drift

leapfile "/var/db/ntpd.leap-seconds.list"

manifests/profiles/ntp.pp
class site::profiles::ntp {
$ntp = hiera_hash('ntp')

case $::operatingsystem {
'freebsd': {
   file { '/etc/ntp.conf':
   ensure  => file,
   recurse => true,
   purge   => true,
   force   => true,
   owner   => "root",
   group   => 0,
   mode=> "0644",
   content => template('site/ntp/ntp.conf.erb'),
   notify  => Service['ntpd'],
   }
   service { 'ntpd':
   ensure => 'running',
   enable => true,
   require => File['/etc/ntp.conf'],
   }
   service { 'ntpdate':
   enable => true,
   }
}
default: {

 class { 'ntp':
   servers  => $ntp['ntp_host'],
 }

   }
   }

hieradata/site.yaml
ntp:
  ntp_host:
- 169.254.169.123

On Wednesday, March 29, 2023 at 4:33:27 AM UTC-4 Martin Alfke wrote:

> In EPP the template must look different:
>
> <% $site::profiles::ntp::ntp[‘servers'].each |$server| { -%>
> server: <%= $server %>
> <% } -%>
>
> An array may consist of a single entry only.
>
> On 28. Mar 2023, at 16:30, Laci D  wrote:
>
> I tried both epp and erb templates.
>
> This is the manifest file:
>
> class site::profiles::ntp {
> $ntp = hiera_hash('ntp')
>
> case $::operatingsystem {
> 'freebsd': {
>file { "/etc/ntp.conf":
>ensure  => file,
>recurse => true,
>purge   => true,
>force   => true,
>owner   => "root",
>group   => 0,
>mode=> "0644",
>content => template('site/ntp/ntp.conf.epp'),
>#content => template('site/ntp/ntp.conf.erb'),
>}
>service { 'ntpd':
>ensure => 'running',
>enable => true,
>}
>service { 'ntpdate':
>enable => true,
>}
> }
> default: {
>
>  class { 'ntp':
>servers => $ntp['servers'],
>  }
>
>}
>}
> }
>
>
> The template:
>
> templates/ntp/ntp.conf.epp
> <% @ntp[’servers’].each { |server| -%>
> server: <%= server %>
> <% } -%>
>
> And this is the hiera (as of now there is only one ntp server but there'll 
> be more in the future):
> ntp:
>   servers:
> - 169.254.169.123
>
> Martin with the latest change I'm getting:
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Server Error: Evaluation Error: Error while evaluating a Resource 
> Statement, Evaluation Error: Error while evaluating a Function Call, Failed 
> to parse template site/ntp/ntp.conf.epp:
>   Filepath: /etc/puppetlabs/code/modules/site/templates/ntp/ntp.conf.epp
>   Line: 3
>   Detail: undefined local variable or method `’servers’' for 
> #
>  (file: /etc/puppetlabs/code/modules/site/manifests/profiles/ntp.pp, line: 
> 14, column: 31) 
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
> On Tuesday, March 28, 2023 at 10:08:43 AM UTC-4 Martin Alfke wrote:
>
>> My example is an epp template.
>>
>> What name does the variable have? $ntp? And: is this a hash with servers 
>> key set to an array?
>>
>> In this case your erb (!) template can look like the following:
>>
>> <% @ntp[’servers’].each { |server| -%>
>> server: <%= server %>
>> <% } -%>
>>
>> On 28. Mar 2023, at 14:37, Laci D  wrote:
>>
>> Thank you Martin!
>>
>> I used your example and I think something is missing.
>> Since "servers" is under "ntp" in the hiera file (see example in my 
>> original email) maybe we need to define that in the erb file?
>>
>>
>> Error: Could not retrieve catalog from remote server: Error 500 on 
>> SERVER: Internal Server Error: org.jruby.exceptions.SyntaxError: 
>> (SyntaxError) 
>> /etc/puppetlabs/code/modules/site/templates/ntp/ntp.conf.erb:6: syntax 
>> error, unexpected tSTRING_BEG
>> _erbout.<< "server: ".freeze; _erbout.<<((...
>>^
>> Warning: Not using cache on failed catalog
>> Error: Could not retrieve

Re: [Puppet Users] hiera, template and array

2023-03-29 Thread Martin Alfke

In EPP the template must look different:

<% $site::profiles::ntp::ntp[‘servers'].each |$server| { -%>
server: <%= $server %>
<% } -%>

An array may consist of a single entry only.

> On 28. Mar 2023, at 16:30, Laci D  wrote:
> 
> I tried both epp and erb templates.
> 
> This is the manifest file:
> 
> class site::profiles::ntp {
> $ntp = hiera_hash('ntp')
> 
> case $::operatingsystem {
> 'freebsd': {
>file { "/etc/ntp.conf":
>ensure  => file,
>recurse => true,
>purge   => true,
>force   => true,
>owner   => "root",
>group   => 0,
>mode=> "0644",
>content => template('site/ntp/ntp.conf.epp'),
>#content => template('site/ntp/ntp.conf.erb'),
>}
>service { 'ntpd':
>ensure => 'running',
>enable => true,
>}
>service { 'ntpdate':
>enable => true,
>}
> }
> default: {
> 
>  class { 'ntp':
>servers => $ntp['servers'],
>  }
> 
>}
>}
> }
> 
> 
> The template:
> 
> templates/ntp/ntp.conf.epp
> <% @ntp[’servers’].each { |server| -%>
> server: <%= server %>
> <% } -%>
> 
> And this is the hiera (as of now there is only one ntp server but there'll be 
> more in the future):
> ntp:
>   servers:
> - 169.254.169.123
> 
> Martin with the latest change I'm getting:
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Server Error: Evaluation Error: Error while evaluating a Resource Statement, 
> Evaluation Error: Error while evaluating a Function Call, Failed to parse 
> template site/ntp/ntp.conf.epp:
>   Filepath: /etc/puppetlabs/code/modules/site/templates/ntp/ntp.conf.epp
>   Line: 3
>   Detail: undefined local variable or method `’servers’' for 
> #
>  (file: /etc/puppetlabs/code/modules/site/manifests/profiles/ntp.pp, line: 
> 14, column: 31) 
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
> On Tuesday, March 28, 2023 at 10:08:43 AM UTC-4 Martin Alfke wrote:
>> My example is an epp template.
>> 
>> What name does the variable have? $ntp? And: is this a hash with servers key 
>> set to an array?
>> 
>> In this case your erb (!) template can look like the following:
>> 
>> <% @ntp[’servers’].each { |server| -%>
>> server: <%= server %>
>> <% } -%>
>> 
>> 
>>> On 28. Mar 2023, at 14:37, Laci D > wrote:
>>> 
>> 
>>> Thank you Martin!
>>> 
>>> I used your example and I think something is missing.
>>> Since "servers" is under "ntp" in the hiera file (see example in my 
>>> original email) maybe we need to define that in the erb file?
>>> 
>>> 
>>> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
>>> Internal Server Error: org.jruby.exceptions.SyntaxError: (SyntaxError) 
>>> /etc/puppetlabs/code/modules/site/templates/ntp/ntp.conf.erb:6: syntax 
>>> error, unexpected tSTRING_BEG
>>> _erbout.<< "server: ".freeze; _erbout.<<((...
>>>^
>>> Warning: Not using cache on failed catalog
>>> Error: Could not retrieve catalog; skipping run
>>> 
>>> On Tuesday, March 28, 2023 at 2:57:23 AM UTC-4 Martin Alfke wrote:
 You must iterate as servers is an array:
 
 <% $servers.each |$server| { -%>
 server: <%= $server %>
 <%- } -%>
 
 
> On 27. Mar 2023, at 22:21, Laci D gmail.com 
> > wrote:
> 
 
> I'm working on defining NTP servers from Hiera.
> 
> For Linux servers I have been using puppetlabs-ntp, which has been 
> working nicely. Now I need to add support for FreeBSD. Above module 
> doesn't support FreeBSD but I can edit ntp.conf with file resource type. 
> 
> This is where things got complicated, file adds extra ["..."] around the 
> value form hiera, since it's an array. Array type is required for 
> puppetlabs-ntp
> Question is how can I get rid of the extra squarely braces and double 
> quotes?
> Rather than using a static file I'd like to stick to hiera since the ntp 
> can very based on datacenter.
> 
> /etc/ntp.conf
> server ["169.254.169.123"]
> 
> Desired /etc/ntp.conf
> server 169.254.169.123
> 
> hieradata/site.yaml
> ntp:
>   servers:
> - 169.254.169.123
> 
> templates/ntp/ntp.conf.erb
> server <%= @ntp['servers'] %>
> 
 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users...@ <>googlegroups.com .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/848044f1-888d-44b3-

Re: [Puppet Users] hiera, template and array

2023-03-28 Thread Laci D

I tried both epp and erb templates.

This is the manifest file:

class site::profiles::ntp {
$ntp = hiera_hash('ntp')

case $::operatingsystem {
'freebsd': {
   file { "/etc/ntp.conf":
   ensure  => file,
   recurse => true,
   purge   => true,
   force   => true,
   owner   => "root",
   group   => 0,
   mode=> "0644",
   content => template('site/ntp/ntp.conf.epp'),
   #content => template('site/ntp/ntp.conf.erb'),
   }
   service { 'ntpd':
   ensure => 'running',
   enable => true,
   }
   service { 'ntpdate':
   enable => true,
   }
}
default: {

 class { 'ntp':
   servers => $ntp['servers'],
 }

   }
   }
}


The template:

templates/ntp/ntp.conf.epp
<% @ntp[’servers’].each { |server| -%>
server: <%= server %>
<% } -%>

And this is the hiera (as of now there is only one ntp server but there'll 
be more in the future):
ntp:
  servers:
- 169.254.169.123

Martin with the latest change I'm getting:
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
Server Error: Evaluation Error: Error while evaluating a Resource 
Statement, Evaluation Error: Error while evaluating a Function Call, Failed 
to parse template site/ntp/ntp.conf.epp:
  Filepath: /etc/puppetlabs/code/modules/site/templates/ntp/ntp.conf.epp
  Line: 3
  Detail: undefined local variable or method `’servers’' for 
#
 (file: /etc/puppetlabs/code/modules/site/manifests/profiles/ntp.pp, line: 
14, column: 31) 
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
On Tuesday, March 28, 2023 at 10:08:43 AM UTC-4 Martin Alfke wrote:

> My example is an epp template.
>
> What name does the variable have? $ntp? And: is this a hash with servers 
> key set to an array?
>
> In this case your erb (!) template can look like the following:
>
> <% @ntp[’servers’].each { |server| -%>
> server: <%= server %>
> <% } -%>
>
> On 28. Mar 2023, at 14:37, Laci D  wrote:
>
> Thank you Martin!
>
> I used your example and I think something is missing.
> Since "servers" is under "ntp" in the hiera file (see example in my 
> original email) maybe we need to define that in the erb file?
>
>
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Internal Server Error: org.jruby.exceptions.SyntaxError: (SyntaxError) 
> /etc/puppetlabs/code/modules/site/templates/ntp/ntp.conf.erb:6: syntax 
> error, unexpected tSTRING_BEG
> _erbout.<< "server: ".freeze; _erbout.<<((...
>^
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
>
> On Tuesday, March 28, 2023 at 2:57:23 AM UTC-4 Martin Alfke wrote:
>
>> You must iterate as servers is an array:
>>
>> <% $servers.each |$server| { -%>
>> server: <%= $server %>
>> <%- } -%>
>>
>> On 27. Mar 2023, at 22:21, Laci D  wrote:
>>
>> I'm working on defining NTP servers from Hiera.
>>
>> For Linux servers I have been using *puppetlabs-ntp*, which has been 
>> working nicely. Now I need to add support for FreeBSD. Above module doesn't 
>> support FreeBSD but I can edit ntp.conf with *file* resource type. 
>>
>> This is where things got complicated, *file* adds extra ["..."] around 
>> the value form hiera, since it's an array. Array type is required for 
>> *puppetlabs-ntp*
>> Question is how can I get rid of the extra squarely braces and double 
>> quotes?
>> Rather than using a static file I'd like to stick to hiera since the ntp 
>> can very based on datacenter.
>>
>> /etc/ntp.conf
>> server ["169.254.169.123"]
>>
>> *Desired /etc/ntp.conf*
>> server 169.254.169.123
>>
>> hieradata/site.yaml
>> ntp:
>>   servers:
>> - 169.254.169.123
>>
>> templates/ntp/ntp.conf.erb
>> server <%= @ntp['servers'] %>
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/848044f1-888d-44b3-8098-2c3569eb1608n%40googlegroups.com
>>  
>> 
>> .
>>
>>
>>
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users...@googlegroups.com.
>
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/1d68b2ef-0c4f-425f-a84d-3cc22e6f750an%40googlegroups.com
>  
>

Re: [Puppet Users] hiera, template and array

2023-03-28 Thread Martin Alfke

My example is an epp template.

What name does the variable have? $ntp? And: is this a hash with servers key 
set to an array?

In this case your erb (!) template can look like the following:

<% @ntp[’servers’].each { |server| -%>
server: <%= server %>
<% } -%>

> On 28. Mar 2023, at 14:37, Laci D  wrote:
> 
> Thank you Martin!
> 
> I used your example and I think something is missing.
> Since "servers" is under "ntp" in the hiera file (see example in my original 
> email) maybe we need to define that in the erb file?
> 
> 
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Internal Server Error: org.jruby.exceptions.SyntaxError: (SyntaxError) 
> /etc/puppetlabs/code/modules/site/templates/ntp/ntp.conf.erb:6: syntax error, 
> unexpected tSTRING_BEG
> _erbout.<< "server: ".freeze; _erbout.<<((...
>^
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
> 
> On Tuesday, March 28, 2023 at 2:57:23 AM UTC-4 Martin Alfke wrote:
>> You must iterate as servers is an array:
>> 
>> <% $servers.each |$server| { -%>
>> server: <%= $server %>
>> <%- } -%>
>> 
>> 
>>> On 27. Mar 2023, at 22:21, Laci D > wrote:
>>> 
>> 
>>> I'm working on defining NTP servers from Hiera.
>>> 
>>> For Linux servers I have been using puppetlabs-ntp, which has been working 
>>> nicely. Now I need to add support for FreeBSD. Above module doesn't support 
>>> FreeBSD but I can edit ntp.conf with file resource type. 
>>> 
>>> This is where things got complicated, file adds extra ["..."] around the 
>>> value form hiera, since it's an array. Array type is required for 
>>> puppetlabs-ntp
>>> Question is how can I get rid of the extra squarely braces and double 
>>> quotes?
>>> Rather than using a static file I'd like to stick to hiera since the ntp 
>>> can very based on datacenter.
>>> 
>>> /etc/ntp.conf
>>> server ["169.254.169.123"]
>>> 
>>> Desired /etc/ntp.conf
>>> server 169.254.169.123
>>> 
>>> hieradata/site.yaml
>>> ntp:
>>>   servers:
>>> - 169.254.169.123
>>> 
>>> templates/ntp/ntp.conf.erb
>>> server <%= @ntp['servers'] %>
>>> 
>> 
>>> -- 
>>> You received this message because you are subscribed to the Google Groups 
>>> "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an 
>>> email to puppet-users...@googlegroups.com <>.
>>> To view this discussion on the web visit 
>>> https://groups.google.com/d/msgid/puppet-users/848044f1-888d-44b3-8098-2c3569eb1608n%40googlegroups.com
>>>  
>>> .
>> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/1d68b2ef-0c4f-425f-a84d-3cc22e6f750an%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5EF6A18F-0F46-42A8-AE13-BB37F700A64E%40gmail.com.

Re: [Puppet Users] hiera, template and array

2023-03-28 Thread 'Dirk Heinrichs' via Puppet Users

Am Dienstag, dem 28.03.2023 um 05:37 -0700 schrieb Laci D:

Since "servers" is under "ntp" in the hiera file (see example in my original
email) maybe we need to define that in the erb file?

I think the example is slightly wrong. Should IMHO be "@servers" and then just
"server" (without the leading "$").

HTH...

Dirk

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/79bfaa41a59673f7a647003b32b54b0e237c2921.camel%40opentext.com.

Re: [Puppet Users] hiera, template and array

2023-03-28 Thread Laci D

Thank you Martin!

I used your example and I think something is missing.
Since "servers" is under "ntp" in the hiera file (see example in my 
original email) maybe we need to define that in the erb file?


Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
Internal Server Error: org.jruby.exceptions.SyntaxError: (SyntaxError) 
/etc/puppetlabs/code/modules/site/templates/ntp/ntp.conf.erb:6: syntax 
error, unexpected tSTRING_BEG
_erbout.<< "server: ".freeze; _erbout.<<((...
   ^
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run

On Tuesday, March 28, 2023 at 2:57:23 AM UTC-4 Martin Alfke wrote:

> You must iterate as servers is an array:
>
> <% $servers.each |$server| { -%>
> server: <%= $server %>
> <%- } -%>
>
> On 27. Mar 2023, at 22:21, Laci D  wrote:
>
> I'm working on defining NTP servers from Hiera.
>
> For Linux servers I have been using *puppetlabs-ntp*, which has been 
> working nicely. Now I need to add support for FreeBSD. Above module doesn't 
> support FreeBSD but I can edit ntp.conf with *file* resource type. 
>
> This is where things got complicated, *file* adds extra ["..."] around 
> the value form hiera, since it's an array. Array type is required for 
> *puppetlabs-ntp*
> Question is how can I get rid of the extra squarely braces and double 
> quotes?
> Rather than using a static file I'd like to stick to hiera since the ntp 
> can very based on datacenter.
>
> /etc/ntp.conf
> server ["169.254.169.123"]
>
> *Desired /etc/ntp.conf*
> server 169.254.169.123
>
> hieradata/site.yaml
> ntp:
>   servers:
> - 169.254.169.123
>
> templates/ntp/ntp.conf.erb
> server <%= @ntp['servers'] %>
>
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/848044f1-888d-44b3-8098-2c3569eb1608n%40googlegroups.com
>  
> 
> .
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/1d68b2ef-0c4f-425f-a84d-3cc22e6f750an%40googlegroups.com.

Re: [Puppet Users] hiera, template and array

2023-03-27 Thread Martin Alfke

You must iterate as servers is an array:

<% $servers.each |$server| { -%>
server: <%= $server %>
<%- } -%>

> On 27. Mar 2023, at 22:21, Laci D  wrote:
> 
> I'm working on defining NTP servers from Hiera.
> 
> For Linux servers I have been using puppetlabs-ntp, which has been working 
> nicely. Now I need to add support for FreeBSD. Above module doesn't support 
> FreeBSD but I can edit ntp.conf with file resource type. 
> 
> This is where things got complicated, file adds extra ["..."] around the 
> value form hiera, since it's an array. Array type is required for 
> puppetlabs-ntp
> Question is how can I get rid of the extra squarely braces and double quotes?
> Rather than using a static file I'd like to stick to hiera since the ntp can 
> very based on datacenter.
> 
> /etc/ntp.conf
> server ["169.254.169.123"]
> 
> Desired /etc/ntp.conf
> server 169.254.169.123
> 
> hieradata/site.yaml
> ntp:
>   servers:
> - 169.254.169.123
> 
> templates/ntp/ntp.conf.erb
> server <%= @ntp['servers'] %>
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/848044f1-888d-44b3-8098-2c3569eb1608n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/D61C266A-ABDA-4C00-95B4-45AA0562FA80%40gmail.com.

[Puppet Users] hiera, template and array

2023-03-27 Thread Laci D

I'm working on defining NTP servers from Hiera.

For Linux servers I have been using *puppetlabs-ntp*, which has been 
working nicely. Now I need to add support for FreeBSD. Above module doesn't 
support FreeBSD but I can edit ntp.conf with *file* resource type. 

This is where things got complicated, *file* adds extra ["..."] around the 
value form hiera, since it's an array. Array type is required for 
*puppetlabs-ntp*
Question is how can I get rid of the extra squarely braces and double 
quotes?
Rather than using a static file I'd like to stick to hiera since the ntp 
can very based on datacenter.

/etc/ntp.conf
server ["169.254.169.123"]

*Desired /etc/ntp.conf*
server 169.254.169.123

hieradata/site.yaml
ntp:
  servers:
- 169.254.169.123

templates/ntp/ntp.conf.erb
server <%= @ntp['servers'] %>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/848044f1-888d-44b3-8098-2c3569eb1608n%40googlegroups.com.

Re: [EXTERNAL] - Re: [Puppet Users] Hiera 5 and Deferred / Sensitive

2022-11-02 Thread 'Dirk Heinrichs' via Puppet Users

Am Mittwoch, dem 02.11.2022 um 00:21 -0700 schrieb Aaron Russo:

There is
petems-hiera_vault
which is close --

Didn't know this one.

it retrieves secrets straight from Vault, but the puppet server is doing the
retrieving and means that the server needs privileged access to all the secrets
in Vault that agents' would need.

Yes, of course. The server does the catalog compilation, so that's the place
where the values are needed.

Bye...

Dirk

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/3d51e54e496919798579bfbbec9c44c0948865eb.camel%40opentext.com.

Re: [Puppet Users] Hiera 5 and Deferred / Sensitive

2022-11-02 Thread Aaron Russo

If you're referring to hiera-eyaml-vault
, that's not pulling
secrets out of Vault -- it's using the transit encryption provider in place
of gpg keys and storing those in yaml. It's a neat approach but not what
I'm looking for.

There is petems-hiera_vault
 which
is close -- it retrieves secrets straight from Vault, but the puppet server
is doing the retrieving and means that the server needs privileged access
to all the secrets in Vault that agents' would need.

vault_lookup  uses
Deferred functions to have the agent authenticate and retrieve secrets from
Vault, which lets me assign a policy based on the host, so it can only see
the secrets it needs. It works great! I simply want that functionality in
hiera.

What I've done is similar to petems-hiera_vault except I return a Deferred
function to perform the vault_lookup::lookup on the agent side rather than
perform the vault lookup on the server side.

Thanks,

Aaron

-- 
Aaron Russo (He/Him/His)
PIXAR | Senior Systems Engineer


On Tue, Nov 1, 2022 at 11:34 PM 'Dirk Heinrichs' via Puppet Users <
puppet-users@googlegroups.com> wrote:

> Am Freitag, dem 21.10.2022 um 11:49 -0700 schrieb Aaron Russo:
>
> However it feels like an anti-pattern by forcing lookups into our
> manifests when we want to keep that in Hiera. I found a previous related
> thread[2] where Henrik suggested writing a custom backend for Hiera and
> return a Deferred.
>
>
> hiera-eyaml has a plugin for retrieving secrets from Vault. Did you try
> that?
>
> HTH...
>
> Dirk
>
> --
>
> *Dirk Heinrichs*
> Senior Systems Engineer, Delivery Pipeline
> OpenText ™ Discovery | Recommind
> *Phone*: +49 2226 15966 18
> *Email*: dhein...@opentext.com
> *Website*: www.recommind.de
> Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
> Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan,
> Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646
> This e-mail may contain confidential and/or privileged information. If you
> are not the intended recipient (or have received this e-mail in error)
> please notify the sender immediately and destroy this e-mail. Any
> unauthorized copying, disclosure or distribution of the material in this
> e-mail is strictly forbidden
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
> Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail
> irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und
> vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte
> Weitergabe dieser Mail sind nicht gestattet.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/7897bf9d6301f9bad84d762de8a0e7d35dfd2572.camel%40opentext.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAA4bxV4Ajn8W%3D4fhAa-TAOAhLjz%2B0K1jO6QNYuETGXuxHSZvfQ%40mail.gmail.com.

Re: [Puppet Users] Hiera 5 and Deferred / Sensitive

2022-11-01 Thread 'Dirk Heinrichs' via Puppet Users

Am Freitag, dem 21.10.2022 um 11:49 -0700 schrieb Aaron Russo:

However it feels like an anti-pattern by forcing lookups into our manifests
when we want to keep that in Hiera. I found a previous related thread[2] where
Henrik suggested writing a custom backend for Hiera and return a Deferred.

hiera-eyaml has a plugin for retrieving secrets from Vault. Did you try that?

HTH...

Dirk

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/7897bf9d6301f9bad84d762de8a0e7d35dfd2572.camel%40opentext.com.

Re: [Puppet Users] Hiera 5 and Deferred / Sensitive

2022-10-31 Thread Aaron Russo

Closing the loop on this for anyone else trying this in the future.

The custom backend was correct the entire time and was returning the 
Deferred function. However since I was defining a key prefix that wasn't 
actually used in Hiera for the custom backend to key off of, I was making 
use of the `lookup` function to grab perform the lookup of that key. After 
re-reading the docs, I realized that `lookup` will always convert the value 
to a string, which was exactly my problem. Switching to use the `alias` 
function brought me success, as it does not attempt a conversion to string 
if it is the only value being interpolated.

I was then able to use that value as desired, provided whatever was 
consuming the value accepted (and unwrapped) the Sensitive[String] that was 
returned from the Deferred function.

Cheers,

Aaron

On Monday, October 31, 2022 at 1:00:25 PM UTC-7 Aaron Russo wrote:

> So I managed to get this to work by changing hiera data slightly, 
> replacing the `lookup` function with `alias` so that the type wasn't 
> automatically converted to a string.
>
> ```
> # this works! note the weird quoting is to avoid hiera treating fqdn dots 
> as sub-keys and is intentional.
> profile::gitlab_runner::lookup_test: 
> "%{alias(\"'vault_lookup::kv/data/host/
> gitlab-runner-31.example.com/gitlab-ci>registration_token'\")}"
> ```
>
> Unfortunately, this breaks down when I want to embed that key in a config 
> hash within hiera, like this:
> ```
> gitlab_ci_runner::runners:
>   'instance':
> config:
>   name: "Instance Runner on %{::hostname}"
>   registration-token: "%{alias(\"'vault_lookup::kv/data/host/
> gitlab-runner-31.example.com/gitlab-ci>registration_token'\")}"
>   ...
> ```
>
> I'm guessing without some changes in Hiera/Puppet, this part may not be 
> possible? Anyone have experience with this?
>
>
> On Fri, Oct 21, 2022 at 2:28 PM Aaron Russo  wrote:
>
>> We're using the vault_lookup[1] module to retrieve secrets from Vault via 
>> mTLS. It works fairly well when grabbing secrets within a manifest.
>>
>> However it feels like an anti-pattern by forcing lookups into our 
>> manifests when we want to keep that in Hiera. I found a previous related 
>> thread[2] where Henrik suggested writing a custom backend for Hiera and 
>> return a Deferred.
>>
>> However after doing what I thought was the correct thing, and returning a 
>> Deferred in our custom backend, the value in the file ends up being the 
>> literal string 'Deferred ...' and not being evaluated. I even wrote a quick 
>> manifest to check if a Deferred is being returned by Hiera/APL and it does 
>> not seem to be the case -- Hiera is returning a String representation of it.
>>
>> So my question is -- is it possible to actually return a Deferred via a 
>> Hiera lookup_key backend and if so, what might I be doing wrong? Sanitized 
>> code / outputs / etc provided[3] for mocking.
>>
>> Versions:
>>  puppet: 7.20.0
>>  puppetserver: 7.8.0
>>  puppetlabs/stdlib: 8.30
>>
>> Thanks!
>>
>> Aaron
>>
>> [1] https://forge.puppet.com/modules/puppet/vault_lookup
>> [2] https://groups.google.com/g/puppet-users/c/E-Q-ok-B0gQ/m/h-tYJFPdBwAJ
>> [3] https://gist.github.com/arusso/9eed3cac93e02aa270b6811b560b2093
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/e5e12ede-e33f-440a-b13f-ccd221110f9dn%40googlegroups.com
>>  
>> 
>> .
>>
>
>
> -- 
> Aaron Russo (He/Him/His)
> PIXAR | Network & Server Admins (NSA) | Senior Systems Engineer
> aru...@pixar.com
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/9226eba1-c794-4a4c-98e3-ff74160f752an%40googlegroups.com.

Re: [Puppet Users] Hiera 5 and Deferred / Sensitive

2022-10-31 Thread Aaron Russo

So I managed to get this to work by changing hiera data slightly, replacing
the `lookup` function with `alias` so that the type wasn't automatically
converted to a string.

```
# this works! note the weird quoting is to avoid hiera treating fqdn dots
as sub-keys and is intentional.
profile::gitlab_runner::lookup_test: "%{alias(\"'vault_lookup::kv/data/host/
gitlab-runner-31.example.com/gitlab-ci>registration_token'\")}"
```

Unfortunately, this breaks down when I want to embed that key in a config
hash within hiera, like this:
```
gitlab_ci_runner::runners:
  'instance':
config:
  name: "Instance Runner on %{::hostname}"
  registration-token: "%{alias(\"'vault_lookup::kv/data/host/
gitlab-runner-31.example.com/gitlab-ci>registration_token'\")}"
  ...
```

I'm guessing without some changes in Hiera/Puppet, this part may not be
possible? Anyone have experience with this?


On Fri, Oct 21, 2022 at 2:28 PM Aaron Russo  wrote:

> We're using the vault_lookup[1] module to retrieve secrets from Vault via
> mTLS. It works fairly well when grabbing secrets within a manifest.
>
> However it feels like an anti-pattern by forcing lookups into our
> manifests when we want to keep that in Hiera. I found a previous related
> thread[2] where Henrik suggested writing a custom backend for Hiera and
> return a Deferred.
>
> However after doing what I thought was the correct thing, and returning a
> Deferred in our custom backend, the value in the file ends up being the
> literal string 'Deferred ...' and not being evaluated. I even wrote a quick
> manifest to check if a Deferred is being returned by Hiera/APL and it does
> not seem to be the case -- Hiera is returning a String representation of it.
>
> So my question is -- is it possible to actually return a Deferred via a
> Hiera lookup_key backend and if so, what might I be doing wrong? Sanitized
> code / outputs / etc provided[3] for mocking.
>
> Versions:
>  puppet: 7.20.0
>  puppetserver: 7.8.0
>  puppetlabs/stdlib: 8.30
>
> Thanks!
>
> Aaron
>
> [1] https://forge.puppet.com/modules/puppet/vault_lookup
> [2] https://groups.google.com/g/puppet-users/c/E-Q-ok-B0gQ/m/h-tYJFPdBwAJ
> [3] https://gist.github.com/arusso/9eed3cac93e02aa270b6811b560b2093
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/e5e12ede-e33f-440a-b13f-ccd221110f9dn%40googlegroups.com
> 
> .
>


-- 
Aaron Russo (He/Him/His)
PIXAR | Network & Server Admins (NSA) | Senior Systems Engineer
aru...@pixar.com

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAA4bxV6NY%2BFoDk-sSZZ8Bv%3D4wuAVP%3DdeQ4Hbg1RnULQXAqCc-w%40mail.gmail.com.

[Puppet Users] Hiera 5 and Deferred / Sensitive

2022-10-21 Thread Aaron Russo

We're using the vault_lookup[1] module to retrieve secrets from Vault via 
mTLS. It works fairly well when grabbing secrets within a manifest.

However it feels like an anti-pattern by forcing lookups into our manifests 
when we want to keep that in Hiera. I found a previous related thread[2] 
where Henrik suggested writing a custom backend for Hiera and return a 
Deferred.

However after doing what I thought was the correct thing, and returning a 
Deferred in our custom backend, the value in the file ends up being the 
literal string 'Deferred ...' and not being evaluated. I even wrote a quick 
manifest to check if a Deferred is being returned by Hiera/APL and it does 
not seem to be the case -- Hiera is returning a String representation of it.

So my question is -- is it possible to actually return a Deferred via a 
Hiera lookup_key backend and if so, what might I be doing wrong? Sanitized 
code / outputs / etc provided[3] for mocking.

Versions:
 puppet: 7.20.0
 puppetserver: 7.8.0
 puppetlabs/stdlib: 8.30

Thanks!

Aaron

[1] https://forge.puppet.com/modules/puppet/vault_lookup
[2] https://groups.google.com/g/puppet-users/c/E-Q-ok-B0gQ/m/h-tYJFPdBwAJ
[3] https://gist.github.com/arusso/9eed3cac93e02aa270b6811b560b2093

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/e5e12ede-e33f-440a-b13f-ccd221110f9dn%40googlegroups.com.

Re: [Puppet Users] Hiera values in provider

2022-08-02 Thread Matthias K

Thank you for the example.

Right now I'm going a different route to avoid having to store the password 
locally in plaintext and switched to an approach where I parse and filter 
the output of "dnf repolist" which is "good enough" for our current 
usecase, but I will look into the nexus provider anyway to gain some more 
insights how they approach the whole provider implementation when 
interacting with a remote api.

Best regards,
Matthias
On Tuesday, 2 August 2022 at 08:03:49 UTC+2 dhei...@opentext.com wrote:

> Am Montag, dem 01.08.2022 um 12:47 -0700 schrieb Matthias K:
>
> > The provider subscribes and unsubscribes yum repo channels through a
> > remote xmlrpc interface. To do this we need a username and password,
> > this is part of the defined resource and comes from hiera. This is
> > fine for creating the resources since we have all parameters
> > available in the "create" method.
>
> Your provider can read arbitrary files on the agent it is running on.
> This is what other providers also do, see the nexus3_rest module on
> Puppet Forge for an example. It needs credentials to be able to manage
> resources on a Nexus3 repository server, which it expects to be stored
> somewhere in /etc/puppet.
>
> So essentially, in the class that uses your provider, create such a
> credential/configuration file before using any resources your provider
> provides.
>
> HTH...
>
> Dirk
> -- 
> Dirk Heinrichs
> Senior Systems Engineer, Delivery Pipeline
> OpenText ™ Discovery | Recommind
> Phone: +49 2226 15966 18 <+49%202226%201596618>
> Email: dhei...@opentext.com
> Website: www.recommind.de
> Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
> Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu
> Ranganathan, Christian Waida, Registergericht Amtsgericht Bonn,
> Registernummer HRB 10646
> This e-mail may contain confidential and/or privileged information. If
> you are not the intended recipient (or have received this e-mail in
> error) please notify the sender immediately and destroy this e-mail.
> Any unauthorized copying, disclosure or distribution of the material in
> this e-mail is strictly forbidden
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
> Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-
> Mail irrtümlich erhalten haben, informieren Sie bitte sofort den
> Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie
> die unbefugte Weitergabe dieser Mail sind nicht gestattet.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/4a6bdfa0-d4e1-4b77-9ee6-7a232137fb69n%40googlegroups.com.

Re: [Puppet Users] Hiera values in provider

2022-08-01 Thread 'Dirk Heinrichs' via Puppet Users

Am Montag, dem 01.08.2022 um 12:47 -0700 schrieb Matthias K:

> The provider subscribes and unsubscribes yum repo channels through a
> remote xmlrpc interface. To do this we need a username and password,
> this is part of the defined resource and comes from hiera. This is
> fine for creating the resources since we have all parameters
> available in the "create" method.

Your provider can read arbitrary files on the agent it is running on.
This is what other providers also do, see the nexus3_rest module on
Puppet Forge for an example. It needs credentials to be able to manage
resources on a Nexus3 repository server, which it expects to be stored
somewhere in /etc/puppet.

So essentially, in the class that uses your provider, create such a
credential/configuration file before using any resources your provider
provides.

HTH...

 Dirk
-- 
Dirk Heinrichs
Senior Systems Engineer, Delivery Pipeline
OpenText ™ Discovery | Recommind
Phone: +49 2226 15966 18
Email: dhein...@opentext.com
Website: www.recommind.de
Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu
Ranganathan, Christian Waida, Registergericht Amtsgericht Bonn,
Registernummer HRB 10646
This e-mail may contain confidential and/or privileged information. If
you are not the intended recipient (or have received this e-mail in
error) please notify the sender immediately and destroy this e-mail.
Any unauthorized copying, disclosure or distribution of the material in
this e-mail is strictly forbidden
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-
Mail irrtümlich erhalten haben, informieren Sie bitte sofort den
Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie
die unbefugte Weitergabe dieser Mail sind nicht gestattet.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/0c174c7a989d37c9bfd2cbfd8f99ade22b3965dd.camel%40opentext.com.

Re: [Puppet Users] Hiera values in provider

2022-08-01 Thread Matthias K

Thank you. I was expecting something like that :-/ Your described process 
is in general what we are doing with all of our custom providers. 

Unfortunately, in this case, we have something "special". The provider does 
not manage anything which can be accessed locally from the system. 
The provider subscribes and unsubscribes yum repo channels through a remote 
xmlrpc interface. To do this we need a username and password, this is part 
of the defined resource and comes from hiera. This is fine for creating the 
resources since we have all parameters available in the "create" method.

But to get the list of applied resources  we are using a method within the 
"instances" method, that pulls the list of actually subscribed channels. 
This methods need the authentication information as well, but in this phase 
of the provider we do not have access to the parameters of the defined 
resources, right?

Here's the code within the instances method. The "getSubscribedChannels" 
method would need username and password from hiera / provided through the 
type. Right now it is hardcoded within the "getSubscribedChannels" method 
itself.

  def self.instances
resources = []
begin
  @subscribed_channels = getSubscribedChannels(client)
rescue Puppet::ExecutionFailure => e
  Puppet.debug "Error while fetching subscribed channels -> 
#{e.inspect}"
  return {}
end
@subscribed_channels.each do |channel|
resources.push(new(
  :name => channel,
  :ensure => :present,
 ))
end
resources
  end

Is there an alternative way to do this?
On Monday, 1 August 2022 at 21:08:16 UTC+2 ben@puppet.com wrote:

> Not directly. Hiera provides data to the server for use when compiling the 
> catalog. Providers run on the agent after the catalog has been compiled.
>
> If you need to get to Hiera data, write your type/provider such that it 
> accepts a parameter, then look that up from Hiera and pass it in when you 
> declare a resource.
>
> On Mon, Aug 1, 2022 at 12:06 PM Matthias K  wrote:
>
>> Hi, is it possible to access hiera values within a custom provider?
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/7b664134-0ed6-44d8-8054-b48f8de4e578n%40googlegroups.com
>>  
>> 
>> .
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/7ca993f6-e437-4741-9433-0ba9da572bcen%40googlegroups.com.

Re: [Puppet Users] Hiera values in provider

2022-08-01 Thread Ben Ford

Not directly. Hiera provides data to the server for use when compiling the
catalog. Providers run on the agent after the catalog has been compiled.

If you need to get to Hiera data, write your type/provider such that it
accepts a parameter, then look that up from Hiera and pass it in when you
declare a resource.

On Mon, Aug 1, 2022 at 12:06 PM Matthias K  wrote:

> Hi, is it possible to access hiera values within a custom provider?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/7b664134-0ed6-44d8-8054-b48f8de4e578n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CACkW_L6OfeJ1HU3RRAJt%3DoyCPtiy1Vba%2BLxGZ6uXjoeq9%2BbkFQ%40mail.gmail.com.

[Puppet Users] Hiera values in provider

2022-08-01 Thread Matthias K

Hi, is it possible to access hiera values within a custom provider?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/7b664134-0ed6-44d8-8054-b48f8de4e578n%40googlegroups.com.

[Puppet Users] Hiera Data Manager Demo available

2022-07-28 Thread Martin Alfke

Hi everyone,

we would like to introduce our Hiera Data Manager - HDM.
HDM is made available under an Open Source License and offers a web interface 
to analyze Hiera Data.
Further information are available on the project website: 
https://github.com/betadots/hdm 

We have set up a demo environment which will be available until August 4th 2022.

URL: http://puppet.hdm.betadots.training:3000
Username: u...@domain.tld
Password: user

We love to hear feedback or comments from you.

h...@betadots.de 

Best regards,
Martin

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/0775CD89-A7E2-46F3-BDCA-A75FD391F0FA%40gmail.com.

Re: [Puppet Users] hiera 5 postgresql backend

2022-04-15 Thread 'Matt Zagrabelny' via Puppet Users

On Fri, Apr 15, 2022 at 12:34 PM Matt Zagrabelny  wrote:

> Hi Martin,
>
> Thanks for the email. I understand your concerns about using other
> backends. We have a reasonably small puppet deployment, so I think I will
> try a DB based backend and see how it performs.
>
> In that light, I've downloaded a hiera-mysql2 module from github and
> installed it at:
>
> # tree /usr/share/puppet/modules/hiera-mysql2
> /usr/share/puppet/modules/hiera-mysql2
> ├── CHANGELOG.md
> ├── lib
> │   └── puppet
> │   └── functions
> │   └── mysql2_lookup_key.rb
> ├── LICENSE
> ├── metadata.json
> └── README.md
>
> I've updated my /etc/puppet/hiera.yaml to include an entry for looking up
> data using hiera-mysql2:
>
> # head /etc/puppet/hiera.yaml
> version: 5
>
> defaults:
> datadir: /etc/puppet/code/hiera
> data_hash: yaml_data
>
> hierarchy:
> - name: "MySQL lookup"
>   lookup_key: mysql2_lookup_key
>   options:
>
> And I've restarted my puppetmaster.
>
> When I attempt a lookup, either locally on the puppet master (or on an
> client system via puppet agent -t), I get:
>
> # puppet  lookup foo::bar --explain
> Searching for "lookup_options"
>   Global Data Provider (hiera configuration version 5)
> Using configuration "/etc/puppet/hiera.yaml"
> Hierarchy entry "MySQL lookup"
> Unable to find 'lookup_key' function named 'mysql2_lookup_key' (file:
> /etc/puppet/hiera.yaml)
>
> I did not use "puppet module" to install the module, I just copied the
> files to the directory.
>
> My module path looks good. Notice the last entry in the following path
> output...
>
> # puppet config print modulepath
>
> /etc/puppet/code/environments/production/modules:/etc/puppet/code/environments/production/profiles:/etc/puppet/code/environments/production/roles:/etc/puppet/modules:/etc/puppet/profiles:/etc/puppet/roles:/usr/share/puppet/modules
>
> Can anyone help me understand why the puppetmaster isn't seeing the
> hiera-mysql2 module (and function contained therein) ?
>

A little bit more information...

puppet module list does not list the module:

# puppet module list | tail
/usr/share/puppet/modules
├── crayfishx-hiera_mysql (v3.0.1)
├── nanliu-staging (v1.0.4)
├── puppetlabs-apt (v6.1.1)  invalid
├── puppetlabs-concat (v5.1.0)  invalid
├── puppetlabs-mysql (v5.3.0)
├── puppetlabs-postgresql (v5.4.0)
├── puppetlabs-stdlib (v5.0.0)  invalid
├── puppetlabs-translate (v1.1.0)
└── puppetlabs-vcsrepo (v3.0.0)

However, it exists on disk:

# ls -1 /usr/share/puppet/modules
apt
concat
hiera_mysql
hiera-mysql2
mysql
postgresql
staging
stdlib
translate
vcsrepo

Any ideas how to get puppet to see the modules that exist "on disk" ?

Thanks for the help!

-m

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAOLfK3W-m12adKYAzLSS%2B-1PvE_ytMA6Mue2rqPr0qoYux%2BPBg%40mail.gmail.com.

Re: [Puppet Users] hiera 5 postgresql backend

2022-04-15 Thread 'Matt Zagrabelny' via Puppet Users

Hi Martin,

Thanks for the email. I understand your concerns about using other
backends. We have a reasonably small puppet deployment, so I think I will
try a DB based backend and see how it performs.

In that light, I've downloaded a hiera-mysql2 module from github and
installed it at:

# tree /usr/share/puppet/modules/hiera-mysql2
/usr/share/puppet/modules/hiera-mysql2
├── CHANGELOG.md
├── lib
│   └── puppet
│   └── functions
│   └── mysql2_lookup_key.rb
├── LICENSE
├── metadata.json
└── README.md

I've updated my /etc/puppet/hiera.yaml to include an entry for looking up
data using hiera-mysql2:

# head /etc/puppet/hiera.yaml
version: 5

defaults:
datadir: /etc/puppet/code/hiera
data_hash: yaml_data

hierarchy:
- name: "MySQL lookup"
  lookup_key: mysql2_lookup_key
  options:

And I've restarted my puppetmaster.

When I attempt a lookup, either locally on the puppet master (or on an
client system via puppet agent -t), I get:

# puppet  lookup foo::bar --explain
Searching for "lookup_options"
  Global Data Provider (hiera configuration version 5)
Using configuration "/etc/puppet/hiera.yaml"
Hierarchy entry "MySQL lookup"
Unable to find 'lookup_key' function named 'mysql2_lookup_key' (file:
/etc/puppet/hiera.yaml)

I did not use "puppet module" to install the module, I just copied the
files to the directory.

My module path looks good. Notice the last entry in the following path
output...

# puppet config print modulepath
/etc/puppet/code/environments/production/modules:/etc/puppet/code/environments/production/profiles:/etc/puppet/code/environments/production/roles:/etc/puppet/modules:/etc/puppet/profiles:/etc/puppet/roles:/usr/share/puppet/modules

Can anyone help me understand why the puppetmaster isn't seeing the
hiera-mysql2 module (and function contained therein) ?

Thank you for your consideration.

-m

On Thu, Apr 14, 2022 at 1:21 AM Martin Alfke  wrote:

> Hi,
>
> We usually recommend to not use any other backend, except for file based
> backends, due to performance.
> Any other backend must be able to deliver the same lookup speed.
> We did a calculation at a customer and we saw hiera answering 8000 queries
> in less than 1 second using the yaml file backend.
>
> With hiera5 you can of course write new backends.
> Please note that the hiera3 backends are not compatible with hiera5!
> https://puppet.com/docs/puppet/7/hiera_custom_backends.html
>
> Hth,
> Martin
>
>
> On 14. Apr 2022, at 04:30, 'Matt Zagrabelny' via Puppet Users <
> puppet-users@googlegroups.com> wrote:
>
> Greetings,
>
> I'm running puppet 5.5.
>
> Is anyone aware of a hiera 5 Pg backend?
>
> I've tried getting the hiera 3 module [0] working, but am struggling. I'm
> hoping a native hiera 5 will be a smoother experience.
>
> Thanks for the help!
>
> -m
>
> [0] https://github.com/rogeduardo/hiera-psql
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/CAOLfK3U6euXrZfWHLcSWjm-BHrxLq0oir8p2x-O4ExMe1TCrdA%40mail.gmail.com
> 
> .
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/4EF8FA1E-3BA5-4B4D-B3E5-CCCF24981D03%40gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAOLfK3W3cJx00gwP%3Do0yyWHRMu%2BvV4fvu28L%3DikNORF8K6FH8Q%40mail.gmail.com.

Re: [Puppet Users] hiera 5 postgresql backend

2022-04-13 Thread Martin Alfke

Hi,

We usually recommend to not use any other backend, except for file based 
backends, due to performance.
Any other backend must be able to deliver the same lookup speed.
We did a calculation at a customer and we saw hiera answering 8000 queries in 
less than 1 second using the yaml file backend.

With hiera5 you can of course write new backends.
Please note that the hiera3 backends are not compatible with hiera5!
https://puppet.com/docs/puppet/7/hiera_custom_backends.html 


Hth,
Martin


> On 14. Apr 2022, at 04:30, 'Matt Zagrabelny' via Puppet Users 
>  wrote:
> 
> Greetings,
> 
> I'm running puppet 5.5.
> 
> Is anyone aware of a hiera 5 Pg backend?
> 
> I've tried getting the hiera 3 module [0] working, but am struggling. I'm 
> hoping a native hiera 5 will be a smoother experience.
> 
> Thanks for the help!
> 
> -m
> 
> [0] https://github.com/rogeduardo/hiera-psql 
> 
> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/CAOLfK3U6euXrZfWHLcSWjm-BHrxLq0oir8p2x-O4ExMe1TCrdA%40mail.gmail.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/4EF8FA1E-3BA5-4B4D-B3E5-CCCF24981D03%40gmail.com.

[Puppet Users] hiera 5 postgresql backend

2022-04-13 Thread 'Matt Zagrabelny' via Puppet Users

Greetings,

I'm running puppet 5.5.

Is anyone aware of a hiera 5 Pg backend?

I've tried getting the hiera 3 module [0] working, but am struggling. I'm
hoping a native hiera 5 will be a smoother experience.

Thanks for the help!

-m

[0] https://github.com/rogeduardo/hiera-psql

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAOLfK3U6euXrZfWHLcSWjm-BHrxLq0oir8p2x-O4ExMe1TCrdA%40mail.gmail.com.

[Puppet Users] Hiera recursive lookup problem

2022-03-18 Thread Michele Manzato

Hi, I've got a problem with Hiera interpolation (lookups). I'm fairly new 
to Hiera, so I think I am misunderstanding something important, but doc 
searches revealed nothing so far.

I'm using Puppet 7.x with the following hiera.yaml:

# hiera.yaml
---
version: 5
hierarchy:
- name: "Per-node data"
path: "nodes/%{::trusted.certname}.yaml"
- name: "Per-subsystem data"
path: "subsystems/%{::subsystem}.yaml"
- name: "Common and fallback data"
path: "common.yaml"

Basically, data should be searched first in the node-specific file, then in 
a subsystem specific file, then in the common file (that is empty, so far).

(bare bones) Agent-specific file looks like this:

# environments/test/data/nodes/agent1.yaml
---
my:
net:
host:
ip_address: "%{lookup('my.net.hosts.agent1')}"
needs_proxy: false

(you see that I use lookup interpolation, that's in order to avoid data 
duplication). 
The my.net.hosts.agent1 key is not part of this file, but is found in the 
subsystem-specific 

yaml:

# environments/test/data/subsystems/main.yaml
---
my:
net:
hosts:
agent01: "192.168.56.6"
needs_proxy: true

Per the hiera.yaml above it this comes later in the hierarchy. 

Unfortunately, the agent fails with the following error:

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
Server Error: Lookup of key 'my.net.hosts.agent01' failed: Recursive lookup 
detected in [my.net.needs_proxy, my.net.hosts.agent01] on node agent1

and I got no clue why that happens, as I can't see any obvious loops.

Any help would be greatly appreciated.

Thanks
Michele

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/4d25e9b2-d2c3-4580-a2a9-ceac37fb1cf5n%40googlegroups.com.

[Puppet Users] hiera resources in puppetdb

2022-01-12 Thread 'Matt Zagrabelny' via Puppet Users

Greetings,

I use lookup to get data out of hiera:

node some-host {
class { 'foo':
$bar = lookup('bar')
}
}

I'd like to be able to query puppetdb to find out what hosts use various 
hiera keys.

So in the above example. Given bar return some-host.

I know I can write a parser to get the class "foo" that contains the hiera 
key "bar". Then using that class (foo in this case), I could query puppetdb 
with a class and get the host.

I know the hiera keys wouldn't show up in the facts report. I know that the 
hiera keys wouldn't show up in the catalog reports.

Is it possible to create a custom function like so:

my_lookup(key) {
# somehow create a resource that I can query with puppetdb
   # and then use the real lookup:
   return lookup(key);
}

Any ideas about querying puppetdb to get used hiera keys in given hosts?

-m

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/10f366cf-3c51-4956-8e83-c20fcf61226cn%40googlegroups.com.

Re: [Puppet Users] Hiera value and using looping on it

2021-12-16 Thread 'Dirk Heinrichs' via Puppet Users

Am Mittwoch, dem 15.12.2021 um 22:53 -0800 schrieb Tejas Bhosale:

I have heira value as an example as

```
profile::candy::virtualhosts:
abc.example.com:
listen: '80'
location: [v1, v2]
backend_port: [3000, 3001]
```

Use

profile::candy::virtualhosts:
- name: abc.exacmple.com
listen: '80'
...
- name: def.example.com
listen: '443'
...

and then in

$virtualhosts.each |$host| {
...
}

you can access the fields directly, like $host['name'], etc...

HTH...

Dirk

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/b2a3f283eedab9b07daac6627b86ea3891af61c1.camel%40opentext.com.

[Puppet Users] Hiera value and using looping on it

2021-12-16 Thread Tejas Bhosale

Hi, I have heira value as an example as

```
profile::candy::virtualhosts:
  abc.example.com:
listen: '80'
location: [v1, v2]
backend_port: [3000, 3001]
```

Can anyone tell me how can i loop it to create nginx config along with 
locations setup
i am able to create virtual host config using this code

```
$virtualhosts.each |$virtualhost, $opts| {

nginx::resource::server { "${virtualhost}":
  listen_port => Stdlib::Port($opts[listen]),
  ssl => $ssl,
  ssl_cert  => if $ssl { "/etc/nginx/certs/playerzpot.pem" },
  ssl_key   => if $ssl { "/etc/nginx/certs/playerzpot.key" },
  ssl_redirect  => $ssl,
}
```
but want to loop locations and backend port to create nginx config like this

nginx::resource::location { "/v1-${virtualhost}" :
  ensure => present,
  ssl => true,
  ssl_only=> true,
  location => "${location}",
  server => "${virtualhost}",
  index_files => [],
  proxy   => "http://127.0.0.1:4000/";,
  proxy_set_header=> [ 'Upgrade $http_upgrade', "Connection 'upgrade'", 
'Host $host' ],
  proxy_http_version  => '1.1',
}

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5c05b88b-61fc-4b07-9c01-1c00d0692e33n%40googlegroups.com.

Re: [Puppet Users] Hiera driving me round the bend

2021-10-14 Thread David Murphy


OK - I think my naming is a little confusing but I don't think that I am 
confusing the two - although I totally could be, 

The problem for me seems to be that the facts that the client should be 
passing through to the server don't seem to be handled properly. The way 
I'm trying to determine this - as I haven't got puppetDB setup is to have a 
key in each of the yaml files in the hierarchy and by merging that key it 
will show me all of the yaml files making up the data being provided to the 
agent.

The things that I don't understand are these

   - The docs say that if you want to use a fact in your hiera.yaml to 
   specify a path you should do it like this 
   
*path: "site/%{facts.derivedsite}.yaml"*

but even though I can see that fact using facter -p on the 
agent it doesn't pick it up on the master.

   - How does the mapped_paths work? 

*mapped_paths: [ attributes, att, "attributes/%{att}.yaml" ]*
This works even though the attributes array is specified as a 
fact on the agent server. But it doesn't work if I use facts.attributes 
instead which If the docs are to be believed you should do. Also, although 
the mapped_paths is supposedly allowing me to have files for all of the 
array elements it doesn't pick up both. 

On Thursday, October 14, 2021 at 1:48:18 PM UTC+1 Martin Alfke wrote:

> Hi David,
>
> You seem to mix up hiera and facts.
>
> Your node has facts:
> ---
>   derivedsite: 'cp1'
>   hostdb:
> role: 'development'
> businessowner: ‘Infrastructure'
>   attributes:
> - 'DNS-Slave'
> - 'Oracle'
>   applicationlist:
> - ‘test'
>
> Now hiera jumps in (hiera.yaml file) and uses the facts to identify which 
> hierarchies to use, when receiving queries for hiera keys.
>
> Within hiera you can specify the way how hiera should look for keys 
> (lookup_options).
> These have nothing to do with facts!
>
> Lets assume you hiera.yaml file and the following hiera content:
>
> # common.yaml
> ---
> lookup_options:
>   ‘profile::attributes::name’:
> merge: unique
>
> # attributes/DNS-Slave.yaml
> ---
> profile::attributes::name: ‘DNS-Slave’
>
> # attributes/Oracle.yaml
> ---
> profile::attributes::name: ‘Oracle'
>
>
> Within your Puppet code:
> class profile::attributes (
>   $name,
> ){
>   notify { ‘attrlist’:
> message => $name,
>   }
> }
>
> This will return all of the existing profile::attributes::name Hier keys 
> available for a node in all hierarchies.
> Using the above mentioned code and data this will return:
>
> [‘DNS-Slave’, ‘Oracle’]
>
> Hth,
> Martin
>
>
> On 10. Oct 2021, at 21:48, David Murphy  wrote:
>
> Hi Guys, 
>
> You have to forgive this but it’s driving me nuts. 
>
> I thought I understood the way that Hiera worked and trying to get it to 
> work in the way I expect has had me seriously doubting myself. 
>
> My hiera.yaml looks like this 
>
> *---*
>
> *# Hiera 5 Global configuration file*
>
> *  version: 5*
>
> *  defaults:*
>
> *datadir: /etc/puppetlabs/code/environments/production/hieradata*
>
> *data_hash: yaml_data*
>
> *  hierarchy:*
>
> *- name: "Host Specifics"*
>
> *  path: "hosts/%{facts.hostname}.yaml"*
>
> *- name: "Attribute Specifics"*
>
> *  mapped_paths: [ attributes, att, "attributes/%{att}.yaml" ]*
>
> *- name: "Application List Specifics"*
>
> *  mapped_paths: [ applicationlist, app, "application/%{app}.yaml" ]*
>
> *- name: "Business Owner Specifics"*
>
> *  path: "businessowner/%{facts.businessowner}.yaml"*
>
> *- name: "Environment Specifics"*
>
> *  path: "environment/%{facts.role}.yaml"*
>
> *- name: "OS Specific"*
>
> *  path: "os/%{facts.os.family}%{facts.os.release.major}.yaml"*
>
> *- name: "Kernel Specific"*
>
> *  path: "kernel/%{facts.kernel}.yaml"*
>
> *- name: "Hardware Specific"*
>
> *  path: "hardware/%{facts.productname}.yaml"*
>
> *- name: "Site Specific"*
>
> *  path: "site/%{facts.deriversite}.yaml"*
>
> *- name: "Common Data"*
>
> *  path: “common.yaml"*
>
>
> On the agent I’m setting up some local facts that I need to control what 
> comes back in the catalog.
>
>
> *---*
>
> *  derivedsite: 'cp1'*
>
> *  hostdb:*
>
> *role: 'development'*
>
> *businessowner: ‘Infrastructure'*
>
>
> *  attributes:*
>
> *- 'DNS-Slave'*
>
> *- 'Oracle'*
>
> *  applicationlist:*
>
> *- ‘test'*
>
>
> The way I’m trying to debug this is via a parameter called sourcefact that 
> is in all off the Hiera yaml files and is merged to show me which files are 
> being used.
>
>
> Local facts look like this 
>
>
> *---*
>
> *# Yaml file for Hiera - Common*
>
> *  lookup_options:*
>
> *sourcefact:*
>
> *  merge: unique*
>
> *profile::packages::os:*
>
> *  merge: unique*
>
> *"^profile::(.*)$":*
>
> *  merge: deep *
>
> *  sourcefact: ‘Common'*
>
>
>
> When I run the puppet agent -t one of the lines looks like 
>
>
> *Notice: Let's see what the Source variable sa

Re: [Puppet Users] Hiera driving me round the bend

2021-10-14 Thread Martin Alfke

Hi David,

You seem to mix up hiera and facts.

Your node has facts:
---
  derivedsite: 'cp1'
  hostdb:
role: 'development'
businessowner: ‘Infrastructure'
  attributes:
- 'DNS-Slave'
- 'Oracle'
  applicationlist:
- ‘test'

Now hiera jumps in (hiera.yaml file) and uses the facts to identify which 
hierarchies to use, when receiving queries for hiera keys.

Within hiera you can specify the way how hiera should look for keys 
(lookup_options).
These have nothing to do with facts!

Lets assume you hiera.yaml file and the following hiera content:

# common.yaml
---
lookup_options:
  ‘profile::attributes::name’:
merge: unique

# attributes/DNS-Slave.yaml
---
profile::attributes::name: ‘DNS-Slave’

# attributes/Oracle.yaml
---
profile::attributes::name: ‘Oracle'


Within your Puppet code:
class profile::attributes (
  $name,
){
  notify { ‘attrlist’:
message => $name,
  }
}

This will return all of the existing profile::attributes::name Hier keys 
available for a node in all hierarchies.
Using the above mentioned code and data this will return:

[‘DNS-Slave’, ‘Oracle’]

Hth,
Martin


> On 10. Oct 2021, at 21:48, David Murphy  wrote:
> 
> Hi Guys, 
> 
> You have to forgive this but it’s driving me nuts. 
> 
> I thought I understood the way that Hiera worked and trying to get it to work 
> in the way I expect has had me seriously doubting myself. 
> 
> My hiera.yaml looks like this 
> 
> ---
> 
> # Hiera 5 Global configuration file
> 
>   version: 5
> 
>   defaults:
> 
> datadir: /etc/puppetlabs/code/environments/production/hieradata
> 
> data_hash: yaml_data
> 
>   hierarchy:
> 
> - name: "Host Specifics"
> 
>   path: "hosts/%{facts.hostname}.yaml"
> 
> - name: "Attribute Specifics"
> 
>   mapped_paths: [ attributes, att, "attributes/%{att}.yaml" ]
> 
> - name: "Application List Specifics"
> 
>   mapped_paths: [ applicationlist, app, "application/%{app}.yaml" ]
> 
> - name: "Business Owner Specifics"
> 
>   path: "businessowner/%{facts.businessowner}.yaml"
> 
> - name: "Environment Specifics"
> 
>   path: "environment/%{facts.role}.yaml"
> 
> - name: "OS Specific"
> 
>   path: "os/%{facts.os.family}%{facts.os.release.major}.yaml"
> 
> - name: "Kernel Specific"
> 
>   path: "kernel/%{facts.kernel}.yaml"
> 
> - name: "Hardware Specific"
> 
>   path: "hardware/%{facts.productname}.yaml"
> 
> - name: "Site Specific"
> 
>   path: "site/%{facts.deriversite}.yaml"
> 
> - name: "Common Data"
> 
>   path: “common.yaml"
> 
> 
> 
> On the agent I’m setting up some local facts that I need to control what 
> comes back in the catalog.
> 
> 
> 
> ---
> 
>   derivedsite: 'cp1'
> 
>   hostdb:
> 
> role: 'development'
> 
> businessowner: ‘Infrastructure'
> 
>   attributes:
> 
> - 'DNS-Slave'
> 
> - 'Oracle'
> 
>   applicationlist:
> 
> - ‘test'
> 
> 
> 
> The way I’m trying to debug this is via a parameter called sourcefact that is 
> in all off the Hiera yaml files and is merged to show me which files are 
> being used.
> 
> 
> 
> Local facts look like this 
> 
> 
> 
> ---
> 
> # Yaml file for Hiera - Common
> 
>   lookup_options:
> 
> sourcefact:
> 
>   merge: unique
> 
> profile::packages::os:
> 
>   merge: unique
> 
> "^profile::(.*)$":
> 
>   merge: deep 
> 
>   sourcefact: ‘Common'
> 
> 
> 
> 
> 
> When I run the puppet agent -t one of the lines looks like 
> 
> 
> 
> Notice: Let's see what the Source variable says [DNS Slave, test, Linux, 
> Common]
> 
> 
> 
> Trouble is I can’t seem to get it to be consistent. The only facts I can seem 
> to get the master to see are the attributes and applicationlist ones and they 
> are both arrays end even then it only picks up the first element.
> 
> 
> 
> For this agent I would expect to see 
> 
> 
> 
> Notice: Let's see what the Source variable says [Oracle ,DNS Slave, test, 
> Linux, cp1, Common]
> 
> I’m assuming I am doing something fundamentally wrong here - HELP 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/3b96dd74-90c3-4cc4-8dff-55245deea3d3n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/9C80ADFD-A125-4BB0-A550-24657ED0ED32%40gmail.com.

[Puppet Users] Hiera driving me round the bend

2021-10-11 Thread David Murphy



Hi Guys, 

You have to forgive this but it’s driving me nuts. 

I thought I understood the way that Hiera worked and trying to get it to 
work in the way I expect has had me seriously doubting myself. 

My hiera.yaml looks like this 

*---*

*# Hiera 5 Global configuration file*

*  version: 5*

*  defaults:*

*datadir: /etc/puppetlabs/code/environments/production/hieradata*

*data_hash: yaml_data*

*  hierarchy:*

*- name: "Host Specifics"*

*  path: "hosts/%{facts.hostname}.yaml"*

*- name: "Attribute Specifics"*

*  mapped_paths: [ attributes, att, "attributes/%{att}.yaml" ]*

*- name: "Application List Specifics"*

*  mapped_paths: [ applicationlist, app, "application/%{app}.yaml" ]*

*- name: "Business Owner Specifics"*

*  path: "businessowner/%{facts.businessowner}.yaml"*

*- name: "Environment Specifics"*

*  path: "environment/%{facts.role}.yaml"*

*- name: "OS Specific"*

*  path: "os/%{facts.os.family}%{facts.os.release.major}.yaml"*

*- name: "Kernel Specific"*

*  path: "kernel/%{facts.kernel}.yaml"*

*- name: "Hardware Specific"*

*  path: "hardware/%{facts.productname}.yaml"*

*- name: "Site Specific"*

*  path: "site/%{facts.deriversite}.yaml"*

*- name: "Common Data"*

*  path: “common.yaml"*


On the agent I’m setting up some local facts that I need to control what 
comes back in the catalog.


*---*

*  derivedsite: 'cp1'*

*  hostdb:*

*role: 'development'*

*businessowner: ‘Infrastructure'*


*  attributes:*

*- 'DNS-Slave'*

*- 'Oracle'*

*  applicationlist:*

*- ‘test'*


The way I’m trying to debug this is via a parameter called sourcefact that 
is in all off the Hiera yaml files and is merged to show me which files are 
being used.


Local facts look like this 


*---*

*# Yaml file for Hiera - Common*

*  lookup_options:*

*sourcefact:*

*  merge: unique*

*profile::packages::os:*

*  merge: unique*

*"^profile::(.*)$":*

*  merge: deep *

*  sourcefact: ‘Common'*



When I run the puppet agent -t one of the lines looks like 


*Notice: Let's see what the Source variable says [DNS Slave, test, Linux, 
Common]*


Trouble is I can’t seem to get it to be consistent. The only facts I can 
seem to get the master to see are the attributes and applicationlist ones 
and they are both arrays end even then it only picks up the first element.


For this agent I would expect to see 


*Notice: Let's see what the Source variable says [Oracle ,DNS Slave, test, 
Linux, cp1, Common]*
I’m assuming I am doing something fundamentally wrong here - HELP 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/3b96dd74-90c3-4cc4-8dff-55245deea3d3n%40googlegroups.com.

Re: [Puppet Users] hiera merge lookup/alias of array defined at multiple levels

2021-09-03 Thread Mark Dixon

Hi Dirk,

Thanks so much for that, adding lookup_options in common.yaml worked :)

Ideally I'd like to put the setting as an argument to %{lookup()} or 
%{alias()} within hiera documents, but they don't seem to support that.

All the best,

Mark

On Friday, 3 September 2021 at 06:28:03 UTC+1 dhei...@opentext.com wrote:

> Am Donnerstag, dem 02.09.2021 um 08:46 -0700 schrieb Mark Dixon:
>
> I'd like to do a simple merge lookup of an array within a hiera yaml file. 
> At the moment I seem to be getting the array from the hiera location that 
> "wins", and not a merged version.
>
>
> You need to tell hiera to do so, probably in your common.yaml, by 
> specifying "lookup_options":
>
> ---
> lookup_options:
>   an_array:
> merge: unique
>
> or by specifying the merge behaviour when calling "lookup()", see 
> https://puppet.com/docs/puppet/6/hiera_automatic.html#lookup-merge-behaviors
>
> HTH...
>
> Dirk
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/c02a3fd7-5367-41aa-b02a-688de956352fn%40googlegroups.com.

Re: [Puppet Users] hiera merge lookup/alias of array defined at multiple levels

2021-09-02 Thread 'Dirk Heinrichs' via Puppet Users

Am Donnerstag, dem 02.09.2021 um 08:46 -0700 schrieb Mark Dixon:

> I'd like to do a simple merge lookup of an array within a hiera yaml
> file. At the moment I seem to be getting the array from the hiera
> location that "wins", and not a merged version.

You need to tell hiera to do so, probably in your common.yaml, by
specifying "lookup_options":

---
lookup_options:
an_array:
merge: unique

or by specifying the merge behaviour when calling "lookup()", see
https://puppet.com/docs/puppet/6/hiera_automatic.html#lookup-merge-behaviors

HTH...

Dirk
--
Dirk Heinrichs
Senior Systems Engineer, Delivery Pipeline
OpenText ™ Discovery | Recommind
Phone: +49 2226 15966 18
Email: dhein...@opentext.com
Website: www.recommind.de
Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan,
Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646
This e-mail may contain confidential and/or privileged information. If you are
not the intended recipient (or have received this e-mail in error) please
notify the sender immediately and destroy this e-mail. Any unauthorized
copying, disclosure or distribution of the material in this e-mail is strictly
forbidden
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen.
Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten
haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail.
Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nicht
gestattet.

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/0f9f7c925a0865675600903fa13bc226f68e391b.camel%40opentext.com.

signature.asc
Description: This is a digitally signed message part

[Puppet Users] hiera merge lookup/alias of array defined at multiple levels

2021-09-02 Thread Mark Dixon


Hi there,

I'd like to do a simple merge lookup of an array within a hiera yaml file. 
At the moment I seem to be getting the array from the hiera location that 
"wins", and not a merged version.

I guess it's not possible, perhaps due to possible circular dependencies, 
etc. Is that right, please?

Thanks,

Mark

e.g.

one_file_in_hiera_path.yaml:
"""
an_array:
- one
"""

another_file_in_hiera_path.yaml:
"""
an_array:
- two
"""

yet_another_file_in_hiera_path.yaml:
"""
merged_array_attempt1: "%{alias('an_array')}"

merged_array_attempt2: "%{lookup('an_array')}"
"""

Neither merged_array_attempt1 or merged_array_attempt2 returns the merged 
array, just the definition in one of the files.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/f880b0fd-de15-459f-b7c5-b77416622e93n%40googlegroups.com.

Re: [Puppet Users] Hiera lookup in hiera lookup

2021-05-18 Thread Erwin Bogaard

Indeed it was about looking up a value to use as part of a following 
lookup, so a lookup in a lookup.
I was already afraid this would not be possible.
Thanks for the suggestion of using separate yaml files, I'll explore that 
idea further.

On Tuesday, 18 May 2021 at 11:17:00 UTC+2 benri...@gmail.com wrote:

> Hi Erwin and Martin,
>
> I think there's a difference here - Erwin it seems you're trying to do 
> nested interpolation, while Martin it appears your example is for lookups 
> nested in hiera data.
>
> Erwin as far as I'm aware, nested interpolation in the manner you suggest 
> is not possible. At least I've not been able to get it to work, and I found 
> this engineering ticket a while back: 
> https://tickets.puppetlabs.com/plugins/servlet/mobile#issue/HI-532
>
> You can sometimes usually work around this by restructuring your hiera 
> data. In your example, perhaps you could have a prod.yaml and a test.yaml 
> file that each define their own env_hash, and then edit your hiera.yaml so 
> the node includes the correct file based on its environment (if you have 
> environment available as a fact) 
>
>
>
> On Tue, 18 May 2021, 6:38 pm Martin Alfke,  wrote:
>
>> Hi Erwin,
>>
>> Nested lookups are possible.
>>
>> We did a blog post on this topic:
>> https://blog.example42.com/2020/01/21/hiera-nested-lookups/
>>
>> Just be sure:
>>
>> A nested lookup (like in your example) always returns a string.
>> If you need arrays or hashes within a nested lookup you must use the 
>> alias function.
>>
>> hth,
>> Martin
>>
>> On 18. May 2021, at 10:23, Erwin Bogaard  wrote:
>>
>> Hi,
>>
>> I've been looking for this for a ling time, but can't find a definitive 
>> answer to my question: is it possible to use a lookup in a lookup?
>>
>> For example:
>> aaa::bbb: 
>> "mvn:com.xxx.bus/xxx-features/%{lookup('xxx::apps::env_hash.%{lookup('xxx::apps::env')}.yyy.version')}/xml/features"
>>
>> Should lead to the following string:
>> "mvn:com.xxx.bus/xxx-features/2.0.4/xml/features"
>>
>> If "xxx::apps::env" has the value 'test'.
>> And "xxx::apps::env_hash.test.yyy.version" has the value '2.0.4'.
>>
>> The idea is that I would like one variable, "xxx::apps::env", make it 
>> possible to switch in a hash from the 'test'-branch to the 'prod'-branch, 
>> for example. Where each branch in that hash contains certain specified 
>> different versions and/or other variables.
>>
>> Thanks!
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/5068271c-bac1-4beb-b097-91803dbf3e2en%40googlegroups.com
>>  
>> 
>> .
>>
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com.
>>
> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/BFCDA3D6-80FA-4BFA-8E94-475F62A3A362%40gmail.com
>>  
>> 
>> .
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/cce33618-d424-46ed-b633-aec0976663f3n%40googlegroups.com.

Re: [Puppet Users] Hiera lookup in hiera lookup

2021-05-18 Thread Benjamin Ridley

Hi Erwin and Martin,

I think there's a difference here - Erwin it seems you're trying to do
nested interpolation, while Martin it appears your example is for lookups
nested in hiera data.

Erwin as far as I'm aware, nested interpolation in the manner you suggest
is not possible. At least I've not been able to get it to work, and I found
this engineering ticket a while back:
https://tickets.puppetlabs.com/plugins/servlet/mobile#issue/HI-532

You can sometimes usually work around this by restructuring your hiera
data. In your example, perhaps you could have a prod.yaml and a test.yaml
file that each define their own env_hash, and then edit your hiera.yaml so
the node includes the correct file based on its environment (if you have
environment available as a fact)



On Tue, 18 May 2021, 6:38 pm Martin Alfke,  wrote:

> Hi Erwin,
>
> Nested lookups are possible.
>
> We did a blog post on this topic:
> https://blog.example42.com/2020/01/21/hiera-nested-lookups/
>
> Just be sure:
>
> A nested lookup (like in your example) always returns a string.
> If you need arrays or hashes within a nested lookup you must use the alias
> function.
>
> hth,
> Martin
>
> On 18. May 2021, at 10:23, Erwin Bogaard  wrote:
>
> Hi,
>
> I've been looking for this for a ling time, but can't find a definitive
> answer to my question: is it possible to use a lookup in a lookup?
>
> For example:
> aaa::bbb:
> "mvn:com.xxx.bus/xxx-features/%{lookup('xxx::apps::env_hash.%{lookup('xxx::apps::env')}.yyy.version')}/xml/features"
>
> Should lead to the following string:
> "mvn:com.xxx.bus/xxx-features/2.0.4/xml/features"
>
> If "xxx::apps::env" has the value 'test'.
> And "xxx::apps::env_hash.test.yyy.version" has the value '2.0.4'.
>
> The idea is that I would like one variable, "xxx::apps::env", make it
> possible to switch in a hash from the 'test'-branch to the 'prod'-branch,
> for example. Where each branch in that hash contains certain specified
> different versions and/or other variables.
>
> Thanks!
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/5068271c-bac1-4beb-b097-91803dbf3e2en%40googlegroups.com
> 
> .
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/BFCDA3D6-80FA-4BFA-8E94-475F62A3A362%40gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABaapwLzVjv40a6%3D6LtTwS1ABk45dWPfCJdy6hTn8oSQAaJNMA%40mail.gmail.com.

Re: [Puppet Users] Hiera lookup in hiera lookup

2021-05-18 Thread Martin Alfke

Hi Erwin,

Nested lookups are possible.

We did a blog post on this topic:
https://blog.example42.com/2020/01/21/hiera-nested-lookups/ 


Just be sure:

A nested lookup (like in your example) always returns a string.
If you need arrays or hashes within a nested lookup you must use the alias 
function.

hth,
Martin

> On 18. May 2021, at 10:23, Erwin Bogaard  wrote:
> 
> Hi,
> 
> I've been looking for this for a ling time, but can't find a definitive 
> answer to my question: is it possible to use a lookup in a lookup?
> 
> For example:
> aaa::bbb: 
> "mvn:com.xxx.bus/xxx-features/%{lookup('xxx::apps::env_hash.%{lookup('xxx::apps::env')}.yyy.version')}/xml/features"
> 
> Should lead to the following string:
> "mvn:com.xxx.bus/xxx-features/2.0.4/xml/features"
> 
> If "xxx::apps::env" has the value 'test'.
> And "xxx::apps::env_hash.test.yyy.version" has the value '2.0.4'.
> 
> The idea is that I would like one variable, "xxx::apps::env", make it 
> possible to switch in a hash from the 'test'-branch to the 'prod'-branch, for 
> example. Where each branch in that hash contains certain specified different 
> versions and/or other variables.
> 
> Thanks!
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/5068271c-bac1-4beb-b097-91803dbf3e2en%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/BFCDA3D6-80FA-4BFA-8E94-475F62A3A362%40gmail.com.

[Puppet Users] Hiera lookup in hiera lookup

2021-05-18 Thread Erwin Bogaard

Hi,

I've been looking for this for a ling time, but can't find a definitive 
answer to my question: is it possible to use a lookup in a lookup?

For example:
aaa::bbb: 
"mvn:com.xxx.bus/xxx-features/%{lookup('xxx::apps::env_hash.%{lookup('xxx::apps::env')}.yyy.version')}/xml/features"

Should lead to the following string:
"mvn:com.xxx.bus/xxx-features/2.0.4/xml/features"

If "xxx::apps::env" has the value 'test'.
And "xxx::apps::env_hash.test.yyy.version" has the value '2.0.4'.

The idea is that I would like one variable, "xxx::apps::env", make it 
possible to switch in a hash from the 'test'-branch to the 'prod'-branch, 
for example. Where each branch in that hash contains certain specified 
different versions and/or other variables.

Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5068271c-bac1-4beb-b097-91803dbf3e2en%40googlegroups.com.

Re: [Puppet Users] Hiera data repetition

2021-02-28 Thread Martin Alfke

Hi Karsten,

> On 27. Feb 2021, at 18:18, Karsten Heymann  wrote:
> 
> Hi Martin,
> 
> regarding your "no lookup" policy, how do you handle for example deep merge 
> lookups. They cannot be used with automatic data binding, or am I wrong?
> 

we set the merge behavior using hiera data lookup_options.
https://blog.example42.com/2021/02/11/hiera-merge-behavior/ (at the end of the 
post you can see an example).
This allows you to not only set merge behaviour globally, but use the 
hierarchies to even set different lookup options.

e.g. you will deep merge the user hash from all hierarchies, except for one 
system:

# data/common.yaml
lookup_options:
  profile::base::usermgmt::users:
merge: 'deep'

# data/nodes/.yaml
lookup_options:
  profile::base::usermgmt::users:
merge: 'first'

Best,
Martin

> Regards
> Karsten
> 
> Am Sa., 27. Feb. 2021 um 13:06 Uhr schrieb Martin Alfke :
> Hi
> 
> > On 25. Feb 2021, at 11:59, Dmitry Nurislamov  wrote:
> > 
> > Hello. Sometimes it is desirable to define Hiera variables for usage in 
> > Hiera itself, i.e. variables that won't be looked up from Puppet manifests. 
> > We do this to avoid repetition. Here's an example of a variable used only 
> > in the file it is defined:
> > 
> > _internal_api_host: 'int.api.example.com'
> > profile::keepalived::vrrp_script:
> >   ping_internal_api:
> > script: "curl https://%{lookup('_internal_api_host')}/ping"
> > profile::nginx::servers:
> >   "%{alias('_internal_api_host')}":
> > ...
> > 
> > Sometimes we also define this kind of variables in one file but do lookups 
> > somewhere else:
> > 
> > hieradata/project/foo.yaml:
> > profile::base::network::interfaces:
> >   eth0:
> > method: 'static'
> > address: "%{lookup('_INTERNAL_IP')}/24"
> > 
> > hieradata/project/foo/foo1.yaml:
> > _INTERNAL_IP: '10.1.2.3'
> > 
> > For us this became an issue. There are no conventions, and therefore no 
> > consistency in our quite large hiera. Sometimes we can't even tell whether 
> > some variable is looked up from manifests or is "local" for Hiera. For 
> > example, the "_INTERNAL_IP" above is named 
> > "profile::base::network::intern_ip" in some projects.
> > 
> > The question is... Is this a normal practice? How do other folks handle 
> > these cases? I couldn't find any information regarding this. Thanks.
> 
> This is part of the way how you can implement hiera.
> We heavily use the same pattern to avoid duplicate data.
> Unluckily there is (yet?) no best practices written down.
> 
> Usually we have a pattern that we strictly follow:
> - Never set class parameters on module (technical component or library 
> module) level. Only set data on profile classes.
> - Only do automatic data binding, using profile class namespace on hiera 
> data, never do explizit lookups in profile classes.
>   - e.g.:profile::base::usermgmt::users: {}
> - nested lookups always use short key names, usually prefixed with company or 
> department or team short name
>   - e.g. company_ldap_pass
> 
> This pattern allows us to strictly separate data which are needed multiple 
> times in hiera.
> Using automatic data binding and the name convention on nested lookups, we 
> can easily identify if data is consumed by a class or needed hiera internally.
> 
> hth,
> Martin
> 
> 
> > 
> > -- 
> > You received this message because you are subscribed to the Google Groups 
> > "Puppet Users" group.
> > To unsubscribe from this group and stop receiving emails from it, send an 
> > email to puppet-users+unsubscr...@googlegroups.com.
> > To view this discussion on the web visit 
> > https://groups.google.com/d/msgid/puppet-users/282b3812-287a-4eb0-a838-591f2c3f925an%40googlegroups.com.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/77E8E860-ABA3-4B06-99C6-C294BB0EE750%40gmail.com.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/CAL017hDOZ7zoJqT0pbAyXVq4665TPDbOJ5Y-ELwUgzbaSofpKg%40mail.gmail.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/849CA551-45AD-47D7-9CB4-369595DAD605%40gmail.com.

Re: [Puppet Users] Hiera data repetition

2021-02-27 Thread Henrik Lindberg


On 2021-02-27 18:18, Karsten Heymann wrote:

Hi Martin,

regarding your "no lookup" policy, how do you handle for example deep 
merge lookups. They cannot be used with automatic data binding, or am I 
wrong?


Regards
Karsten


You can specify lookup_options per key in the hiera data itself. One of 
the options is if the lookup should be a deep merge or not. This is 
supported for all lookups (automatic or not) and was introduced 
especially to make it possible to do deep merge (and other things) when 
using APL).


Best,
- henrik




Am Sa., 27. Feb. 2021 um 13:06 Uhr schrieb Martin Alfke 
mailto:tux...@gmail.com>>:


Hi

 > On 25. Feb 2021, at 11:59, Dmitry Nurislamov mailto:dmnu...@gmail.com>> wrote:
 >
 > Hello. Sometimes it is desirable to define Hiera variables for
usage in Hiera itself, i.e. variables that won't be looked up from
Puppet manifests. We do this to avoid repetition. Here's an example
of a variable used only in the file it is defined:
 >
 >     _internal_api_host: 'int.api.example.com
'
 >     profile::keepalived::vrrp_script:
 >       ping_internal_api:
 >         script: "curl https://%{lookup('_internal_api_host')}/ping"
 >     profile::nginx::servers:
 >       "%{alias('_internal_api_host')}":
 >         ...
 >
 > Sometimes we also define this kind of variables in one file but
do lookups somewhere else:
 >
 > hieradata/project/foo.yaml:
 >     profile::base::network::interfaces:
 >       eth0:
 >         method: 'static'
 >         address: "%{lookup('_INTERNAL_IP')}/24"
 >
 > hieradata/project/foo/foo1.yaml:
 >     _INTERNAL_IP: '10.1.2.3'
 >
 > For us this became an issue. There are no conventions, and
therefore no consistency in our quite large hiera. Sometimes we
can't even tell whether some variable is looked up from manifests or
is "local" for Hiera. For example, the "_INTERNAL_IP" above is named
"profile::base::network::intern_ip" in some projects.
 >
 > The question is... Is this a normal practice? How do other folks
handle these cases? I couldn't find any information regarding this.
Thanks.

This is part of the way how you can implement hiera.
We heavily use the same pattern to avoid duplicate data.
Unluckily there is (yet?) no best practices written down.

Usually we have a pattern that we strictly follow:
- Never set class parameters on module (technical component or
library module) level. Only set data on profile classes.
- Only do automatic data binding, using profile class namespace on
hiera data, never do explizit lookups in profile classes.
   - e.g.:profile::base::usermgmt::users: {}
- nested lookups always use short key names, usually prefixed with
company or department or team short name
   - e.g. company_ldap_pass

This pattern allows us to strictly separate data which are needed
multiple times in hiera.
Using automatic data binding and the name convention on nested
lookups, we can easily identify if data is consumed by a class or
needed hiera internally.

hth,
Martin


 >
 > --
 > You received this message because you are subscribed to the
Google Groups "Puppet Users" group.
 > To unsubscribe from this group and stop receiving emails from it,
send an email to puppet-users+unsubscr...@googlegroups.com
.
 > To view this discussion on the web visit

https://groups.google.com/d/msgid/puppet-users/282b3812-287a-4eb0-a838-591f2c3f925an%40googlegroups.com

.

-- 
You received this message because you are subscribed to the Google

Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to puppet-users+unsubscr...@googlegroups.com
.
To view this discussion on the web visit

https://groups.google.com/d/msgid/puppet-users/77E8E860-ABA3-4B06-99C6-C294BB0EE750%40gmail.com

.

--
You received this message because you are subscribed to the Google 
Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to puppet-users+unsubscr...@googlegroups.com 
.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAL017hDOZ7zoJqT0pbAyXVq4665TPDbOJ5Y-ELwUgzbaSofpKg%40mail.gmail.com 
.



--

Visit my Blog "Puppet on the Edge"

Re: [Puppet Users] Hiera data repetition

2021-02-27 Thread Karsten Heymann

Hi Martin,

regarding your "no lookup" policy, how do you handle for example deep merge
lookups. They cannot be used with automatic data binding, or am I wrong?

Regards
Karsten

Am Sa., 27. Feb. 2021 um 13:06 Uhr schrieb Martin Alfke :

> Hi
>
> > On 25. Feb 2021, at 11:59, Dmitry Nurislamov  wrote:
> >
> > Hello. Sometimes it is desirable to define Hiera variables for usage in
> Hiera itself, i.e. variables that won't be looked up from Puppet manifests.
> We do this to avoid repetition. Here's an example of a variable used only
> in the file it is defined:
> >
> > _internal_api_host: 'int.api.example.com'
> > profile::keepalived::vrrp_script:
> >   ping_internal_api:
> > script: "curl https://%{lookup('_internal_api_host')}/ping"
> > profile::nginx::servers:
> >   "%{alias('_internal_api_host')}":
> > ...
> >
> > Sometimes we also define this kind of variables in one file but do
> lookups somewhere else:
> >
> > hieradata/project/foo.yaml:
> > profile::base::network::interfaces:
> >   eth0:
> > method: 'static'
> > address: "%{lookup('_INTERNAL_IP')}/24"
> >
> > hieradata/project/foo/foo1.yaml:
> > _INTERNAL_IP: '10.1.2.3'
> >
> > For us this became an issue. There are no conventions, and therefore no
> consistency in our quite large hiera. Sometimes we can't even tell whether
> some variable is looked up from manifests or is "local" for Hiera. For
> example, the "_INTERNAL_IP" above is named
> "profile::base::network::intern_ip" in some projects.
> >
> > The question is... Is this a normal practice? How do other folks handle
> these cases? I couldn't find any information regarding this. Thanks.
>
> This is part of the way how you can implement hiera.
> We heavily use the same pattern to avoid duplicate data.
> Unluckily there is (yet?) no best practices written down.
>
> Usually we have a pattern that we strictly follow:
> - Never set class parameters on module (technical component or library
> module) level. Only set data on profile classes.
> - Only do automatic data binding, using profile class namespace on hiera
> data, never do explizit lookups in profile classes.
>   - e.g.:profile::base::usermgmt::users: {}
> - nested lookups always use short key names, usually prefixed with company
> or department or team short name
>   - e.g. company_ldap_pass
>
> This pattern allows us to strictly separate data which are needed multiple
> times in hiera.
> Using automatic data binding and the name convention on nested lookups, we
> can easily identify if data is consumed by a class or needed hiera
> internally.
>
> hth,
> Martin
>
>
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups "Puppet Users" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an email to puppet-users+unsubscr...@googlegroups.com.
> > To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/282b3812-287a-4eb0-a838-591f2c3f925an%40googlegroups.com
> .
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/77E8E860-ABA3-4B06-99C6-C294BB0EE750%40gmail.com
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAL017hDOZ7zoJqT0pbAyXVq4665TPDbOJ5Y-ELwUgzbaSofpKg%40mail.gmail.com.

Re: [Puppet Users] Hiera data repetition

2021-02-27 Thread Martin Alfke

Hi

> On 25. Feb 2021, at 11:59, Dmitry Nurislamov  wrote:
> 
> Hello. Sometimes it is desirable to define Hiera variables for usage in Hiera 
> itself, i.e. variables that won't be looked up from Puppet manifests. We do 
> this to avoid repetition. Here's an example of a variable used only in the 
> file it is defined:
> 
> _internal_api_host: 'int.api.example.com'
> profile::keepalived::vrrp_script:
>   ping_internal_api:
> script: "curl https://%{lookup('_internal_api_host')}/ping"
> profile::nginx::servers:
>   "%{alias('_internal_api_host')}":
> ...
> 
> Sometimes we also define this kind of variables in one file but do lookups 
> somewhere else:
> 
> hieradata/project/foo.yaml:
> profile::base::network::interfaces:
>   eth0:
> method: 'static'
> address: "%{lookup('_INTERNAL_IP')}/24"
> 
> hieradata/project/foo/foo1.yaml:
> _INTERNAL_IP: '10.1.2.3'
> 
> For us this became an issue. There are no conventions, and therefore no 
> consistency in our quite large hiera. Sometimes we can't even tell whether 
> some variable is looked up from manifests or is "local" for Hiera. For 
> example, the "_INTERNAL_IP" above is named 
> "profile::base::network::intern_ip" in some projects.
> 
> The question is... Is this a normal practice? How do other folks handle these 
> cases? I couldn't find any information regarding this. Thanks.

This is part of the way how you can implement hiera.
We heavily use the same pattern to avoid duplicate data.
Unluckily there is (yet?) no best practices written down.

Usually we have a pattern that we strictly follow:
- Never set class parameters on module (technical component or library module) 
level. Only set data on profile classes.
- Only do automatic data binding, using profile class namespace on hiera data, 
never do explizit lookups in profile classes.
  - e.g.:profile::base::usermgmt::users: {}
- nested lookups always use short key names, usually prefixed with company or 
department or team short name
  - e.g. company_ldap_pass

This pattern allows us to strictly separate data which are needed multiple 
times in hiera.
Using automatic data binding and the name convention on nested lookups, we can 
easily identify if data is consumed by a class or needed hiera internally.

hth,
Martin


> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/282b3812-287a-4eb0-a838-591f2c3f925an%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/77E8E860-ABA3-4B06-99C6-C294BB0EE750%40gmail.com.

[Puppet Users] Hiera data repetition

2021-02-26 Thread Dmitry Nurislamov

Hello. Sometimes it is desirable to define Hiera variables for usage in
Hiera itself, i.e. variables that won't be looked up from Puppet manifests.
We do this to avoid repetition. Here's an example of a variable used only
in the file it is defined:

_internal_api_host: 'int.api.example.com'
profile::keepalived::vrrp_script:
ping_internal_api:
script: "curl https://%{lookup('_internal_api_host')}/ping"
profile::nginx::servers:
"%{alias('_internal_api_host')}":
...

Sometimes we also define this kind of variables in one file but do lookups
somewhere else:

hieradata/project/foo.yaml:
profile::base::network::interfaces:
eth0:
method: 'static'
address: "%{lookup('_INTERNAL_IP')}/24"

hieradata/project/foo/foo1.yaml:
_INTERNAL_IP: '10.1.2.3'

For us this became an issue. There are no conventions, and therefore no
consistency in our quite large hiera. Sometimes we can't even tell whether
some variable is looked up from manifests or is "local" for Hiera. For
example, the "_INTERNAL_IP" above is named
"profile::base::network::intern_ip" in some projects.

The question is... Is this a normal practice? How do other folks handle
these cases? I couldn't find any information regarding this. Thanks.

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/282b3812-287a-4eb0-a838-591f2c3f925an%40googlegroups.com.

[Puppet Users] hiera v3 to v5 with puppet apply

2020-06-15 Thread Peter Dutton

Hi all,

I am using puppet in a 'standalone', or 'masterless' capacity to manage the 
configurations of different server roles. I'm doing this by using 'puppet 
apply' with a different environment depending on the situation. For example 
for local development:

puppet apply --modulepath=modules --hiera_config=environments/hiera.yaml --
environment=devLocal manifests/init.pp


I'm upgrading the infrastructure and am having trouble converting my 
workflow to the newer version. I have converted the hiera() function calls 
to lookup(), and have moved logic around in the hiera.yaml files so that 
now it should be processing the correct file when the command runs. 


However I currently get an error for each hiera variable, for example: "The 
Lookup Configuration at 
'/tmp/vagrant-puppet/environments/devLocal/hiera.yaml' has wrong type, 
unrecognized key 'server_role'"

The file itself (reduced for simplicity) looks as follows 
(environments/devLocal/hiera.yaml):


version: 5


server_role: "frontend"



The code in environments/hiera.yaml is as follows:

version: 5


defaults:
  datadir: "environments"
  data_hash: yaml_data


hierarchy:
  - name: "env"
path: "%{environment}/hiera.yaml"




Does anyone have any suggestions on how I can make this work?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5f5bb8a3-26e9-4386-a961-be02583a885fo%40googlegroups.com.

RE: [Puppet Users] hiera with environments

2020-06-12 Thread Bart-Jan Vrielink

Hello,



Control Repo and R10K work fine with Puppet OSS and is the recommended 
architecture for using multiple environments with Puppet.



PE Code Manager is indeed only for PE, but in most cases is just a fancy name 
for R10K.



-Original message-
From: solarflow 99 
Sent: Thursday 11th June 2020 19:45
To: Puppet Users 
Subject: Re: [Puppet Users] hiera with environments

hi, thanks for the reply.  This is all for PE, but i'm using puppet 6 OSS..

It used to work this way in 5.5 too, so I don't understand why its not seeing 
hiera in the preprod environment.  I could always do this:

- make changed in preprod, and git commit there
- cd to prod, then:
- git remote update, 
- git merge --ff-only preprod/master
- cd back to preprod, then
- git pull



On Thursday, June 11, 2020 at 1:54:13 AM UTC-7, Martin Alfke wrote:
Hi,

You should change to using a control-repo and adopt your codebase.
https://puppet.com/docs/pe/2018.1/control_repo.html
https://github.com/puppetlabs/best-practices/blob/master/puppet-modules-and-the-control-repo.md

We recommend (assuming you use a git based control-repo and r10k or PE code 
manager for deployment):

1. Copy your global hiera.yaml file (etc/puppetlabs/puppet/hiera.yaml) to each 
of your environments.
2. Remove global hiera.yaml file
3. Just use data or hieradata as datadir. Not the complete path.
4. Use relative paths in your environment.conf file
5. Instead of having different hieradata per environment we recommend to add an 
environment hierarchy.

You can also separate your hieradata from control-repo and make them an 
individual git repo.
In this case you can add hieradata as a module to your puppet file and change 
the path in hiera.yaml file.

You can find examples on how to achieve this in our Puppet Infrastructure 
Construction Kit (https://github.com/example42/psick)
https://github.com/example42/psick/blob/production/Puppetfile#L7
Here we deploy the same branch name - when existing on hieradata repo - and 
fall back to master branch.

Hth,
Martin


On 9. Jun 2020, at 07:46, solarflow 99  wrote:

I have this strange problem where I just upgraded from puppetserver 5.5 to 6, 
and now the 2nd environment doesn't see hiera values, but the production 
environment does.  I wonder if top level lookups don't work anymore?  Here's 
how I have it configured:


Here's my directory layout:

code
└── environments
    ├── preprod
    │   ├── environment.conf
    │   ├── gitclone
    │   │   └── production
    │   │   ├── hieradata
    │   │   │   ├── common.yaml
    │   │   │   └── nodes
    │   │   ├── manifests
    │   │   │   ├── nodes.pp
    │   │   │   └── site.pp
    │   │   └── modules
    └── production
    ├── hieradata
    │   ├── common.yaml
    │   └── nodes
    ├── manifests
    │   ├── nodes.pp
    │   └── site.pp
    └── modules






/etc/puppetlabs/puppet:

$ cat hiera.yaml 
---
version: 5
defaults:
  # The default value for "datadir" is "data" under the same directory as the 
hiera.yaml
  # file (this file)
  # When specifying a datadir, make sure the directory exists.
  # See https://puppet.com/docs/puppet/latest/environments_about.html for 
further details on environments.
  # datadir: data
  # data_hash: yaml_data

  datadir: "/etc/puppetlabs/code/environments/%{::environment}/hieradata"
  data_hash: yaml_data


hierarchy:
  - name: "Per-node data (yaml version)"
    path: "nodes/%{::trusted.certname}.yaml"
  - name: "Other YAML hierarchy levels"
    paths:
  - "common.yaml"





/etc/puppetlabs/code/environments/preprod:


$ ls -la
total 4
drwxr-xr-x  3 root root  62 Jun  8 21:44 ./
drwxr-xr-x. 4 root root  39 Jun  8 14:33 ../
-rw-r--r--  1 root root 142 Jun  8 14:38 environment.conf
drwxr-xr-x  3 root root  24 Jun  8 14:36 gitclone/
lrwxrwxrwx  1 root root  29 Jun  8 21:44 hierdata -> 
gitclone/production/hieradata/





$ cat environment.conf 
manifest = $codedir/environments/preprod/gitclone/production/manifests
modulepath = $codedir/environments/preprod/gitclone/production/modules





 
$ cat hierdata/common.yaml 
---
infraserver: 'bigmachine.local'




$ cat site.pp 

$infraserver  = hiera( 'infraserver' )




But the clients don't see it in preprod, failing their puppet runs, and the 
codebase is exactly the same:

Error 500 on SERVER: Server Error: Function lookup() did not find a value for 
the name 'infraserver' on node dev1.local


$ puppet lookup infraserver --environment production --node dev1.local
--- bigmachine.local
 
$ puppet lookup infraserver --environment preprod --node dev1.local



-- 
 You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
 To unsubscribe from this group and stop receiving emails from it, send an 
email to puppet...@googlegroups.com

Re: [Puppet Users] hiera with environments

2020-06-11 Thread solarflow 99

dohh!  I can't believe I didn't even notice that darn typo, 

thats all it was too, its working fine now.  Thanks a lot for pointing that 
out!  Hopefully this example might help someone else out at least.

I should have seen that...




On Thursday, June 11, 2020 at 11:06:22 AM UTC-7, Nick Bertrand wrote:
>
> Hi,
>
> Perhaps it was just a typo in the email, but it looks like there might be 
> a typo in one of your filenames:
>
> lrwxrwxrwx  1 root root  29 Jun  8 21:44 hierdata -> 
>> gitclone/production/hieradata/
>>
>
> Should this have been 'hieradata' instead of 'hierdata'?
>
> Nick
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/57811d7b-18c1-4da6-9f5d-ce4b8b9b4e58o%40googlegroups.com.

Re: [Puppet Users] hiera with environments

2020-06-11 Thread Nick Bertrand

Hi,

Perhaps it was just a typo in the email, but it looks like there might be a
typo in one of your filenames:

lrwxrwxrwx  1 root root  29 Jun  8 21:44 hierdata ->
> gitclone/production/hieradata/
>

Should this have been 'hieradata' instead of 'hierdata'?

Nick

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAP15v%2B-xgzovxaG4UYur24NtLgF186n%3DnFsG8aybbmEOC-zGFQ%40mail.gmail.com.

Re: [Puppet Users] hiera with environments

2020-06-11 Thread solarflow 99

hi, thanks for the reply.  This is all for PE, but i'm using puppet 6 OSS..

It used to work this way in 5.5 too, so I don't understand why its not 
seeing hiera in the preprod environment.  I could always do this:

- make changed in preprod, and git commit there
- cd to prod, then:
- git remote update, 
- git merge --ff-only preprod/master
- cd back to preprod, then
- git pull



On Thursday, June 11, 2020 at 1:54:13 AM UTC-7, Martin Alfke wrote:
>
> Hi,
>
> You should change to using a control-repo and adopt your codebase.
> https://puppet.com/docs/pe/2018.1/control_repo.html
>
> https://github.com/puppetlabs/best-practices/blob/master/puppet-modules-and-the-control-repo.md
>
> We recommend (assuming you use a git based control-repo and r10k or PE 
> code manager for deployment):
>
> 1. Copy your global hiera.yaml file (etc/puppetlabs/puppet/hiera.yaml) to 
> each of your environments.
> 2. Remove global hiera.yaml file
> 3. Just use data or hieradata as datadir. Not the complete path.
> 4. Use relative paths in your environment.conf file
> 5. Instead of having different hieradata per environment we recommend to 
> add an environment hierarchy.
>
> You can also separate your hieradata from control-repo and make them an 
> individual git repo.
> In this case you can add hieradata as a module to your puppet file and 
> change the path in hiera.yaml file.
>
> You can find examples on how to achieve this in our Puppet Infrastructure 
> Construction Kit (https://github.com/example42/psick)
> https://github.com/example42/psick/blob/production/Puppetfile#L7
> Here we deploy the same branch name - when existing on hieradata repo - 
> and fall back to master branch.
>
> Hth,
> Martin
>
>
> On 9. Jun 2020, at 07:46, solarflow 99 > 
> wrote:
>
> I have this strange problem where I just upgraded from puppetserver 5.5 to 
> 6, and now the 2nd environment doesn't see hiera values, but the production 
> environment does.  I wonder if top level lookups don't work anymore?  
> Here's how I have it configured:
>
>
> Here's my directory layout:
>
> code
> └── environments
> ├── preprod
> │   ├── environment.conf
> │   ├── gitclone
> │   │   └── production
> │   │   ├── hieradata
> │   │   │   ├── common.yaml
> │   │   │   └── nodes
> │   │   ├── manifests
> │   │   │   ├── nodes.pp
> │   │   │   └── site.pp
> │   │   └── modules
> └── production
> ├── hieradata
> │   ├── common.yaml
> │   └── nodes
> ├── manifests
> │   ├── nodes.pp
> │   └── site.pp
> └── modules
>
>
>
>
>
>
> /etc/puppetlabs/puppet:
>
> $ cat hiera.yaml 
> ---
> version: 5
> defaults:
>   # The default value for "datadir" is "data" under the same directory as 
> the hiera.yaml
>   # file (this file)
>   # When specifying a datadir, make sure the directory exists.
>   # See https://puppet.com/docs/puppet/latest/environments_about.html for 
> further details on environments.
>   # datadir: data
>   # data_hash: yaml_data
>
>   datadir: "/etc/puppetlabs/code/environments/%{::environment}/hieradata"
>   data_hash: yaml_data
>
>
> hierarchy:
>   - name: "Per-node data (yaml version)"
> path: "nodes/%{::trusted.certname}.yaml"
>   - name: "Other YAML hierarchy levels"
> paths:
>   - "common.yaml"
>
>
>
>
>
> /etc/puppetlabs/code/environments/preprod:
>
>
> $ ls -la
> total 4
> drwxr-xr-x  3 root root  62 Jun  8 21:44 ./
> drwxr-xr-x. 4 root root  39 Jun  8 14:33 ../
> -rw-r--r--  1 root root 142 Jun  8 14:38 environment.conf
> drwxr-xr-x  3 root root  24 Jun  8 14:36 gitclone/
> lrwxrwxrwx  1 root root  29 Jun  8 21:44 hierdata -> 
> gitclone/production/hieradata/
>
>
>
>
>
> $ cat environment.conf 
> manifest = $codedir/environments/preprod/gitclone/production/manifests
> modulepath = $codedir/environments/preprod/gitclone/production/modules
>
>
>
>
>
>  
> $ cat hierdata/common.yaml 
> ---
> infraserver: 'bigmachine.local'
>
>
>
>
> $ cat site.pp 
>
> $infraserver  = hiera( 'infraserver' )
>
>
>
>
> But the clients don't see it in preprod, failing their puppet runs, and 
> the codebase is exactly the same:
>
> Error 500 on SERVER: Server Error: Function lookup() did not find a value 
> for the name 'infraserver' on node dev1.local
>
>
> $ puppet lookup infraserver --environment production --node dev1.local
> --- bigmachine.local
>  
> $ puppet lookup infraserver --environment preprod --node dev1.local
>
>
>
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet...@googlegroups.com .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/a0655c3e-9b5e-4097-a793-60f3117df82do%40googlegroups.com
>  
>

Re: [Puppet Users] hiera with environments

2020-06-11 Thread Martin Alfke

Hi,

You should change to using a control-repo and adopt your codebase.
https://puppet.com/docs/pe/2018.1/control_repo.html 

https://github.com/puppetlabs/best-practices/blob/master/puppet-modules-and-the-control-repo.md
 


We recommend (assuming you use a git based control-repo and r10k or PE code 
manager for deployment):

1. Copy your global hiera.yaml file (etc/puppetlabs/puppet/hiera.yaml) to each 
of your environments.
2. Remove global hiera.yaml file
3. Just use data or hieradata as datadir. Not the complete path.
4. Use relative paths in your environment.conf file
5. Instead of having different hieradata per environment we recommend to add an 
environment hierarchy.

You can also separate your hieradata from control-repo and make them an 
individual git repo.
In this case you can add hieradata as a module to your puppet file and change 
the path in hiera.yaml file.

You can find examples on how to achieve this in our Puppet Infrastructure 
Construction Kit (https://github.com/example42/psick 
)
https://github.com/example42/psick/blob/production/Puppetfile#L7 

Here we deploy the same branch name - when existing on hieradata repo - and 
fall back to master branch.

Hth,
Martin


> On 9. Jun 2020, at 07:46, solarflow 99  wrote:
> 
> I have this strange problem where I just upgraded from puppetserver 5.5 to 6, 
> and now the 2nd environment doesn't see hiera values, but the production 
> environment does.  I wonder if top level lookups don't work anymore?  Here's 
> how I have it configured:
> 
> 
> Here's my directory layout:
> 
> code
> └── environments
> ├── preprod
> │   ├── environment.conf
> │   ├── gitclone
> │   │   └── production
> │   │   ├── hieradata
> │   │   │   ├── common.yaml
> │   │   │   └── nodes
> │   │   ├── manifests
> │   │   │   ├── nodes.pp
> │   │   │   └── site.pp
> │   │   └── modules
> └── production
> ├── hieradata
> │   ├── common.yaml
> │   └── nodes
> ├── manifests
> │   ├── nodes.pp
> │   └── site.pp
> └── modules
> 
> 
> 
> 
> 
> 
> /etc/puppetlabs/puppet:
> 
> $ cat hiera.yaml 
> ---
> version: 5
> defaults:
>   # The default value for "datadir" is "data" under the same directory as the 
> hiera.yaml
>   # file (this file)
>   # When specifying a datadir, make sure the directory exists.
>   # See https://puppet.com/docs/puppet/latest/environments_about.html for 
> further details on environments.
>   # datadir: data
>   # data_hash: yaml_data
> 
>   datadir: "/etc/puppetlabs/code/environments/%{::environment}/hieradata"
>   data_hash: yaml_data
> 
> 
> hierarchy:
>   - name: "Per-node data (yaml version)"
> path: "nodes/%{::trusted.certname}.yaml"
>   - name: "Other YAML hierarchy levels"
> paths:
>   - "common.yaml"
> 
> 
> 
> 
> 
> /etc/puppetlabs/code/environments/preprod:
> 
> 
> $ ls -la
> total 4
> drwxr-xr-x  3 root root  62 Jun  8 21:44 ./
> drwxr-xr-x. 4 root root  39 Jun  8 14:33 ../
> -rw-r--r--  1 root root 142 Jun  8 14:38 environment.conf
> drwxr-xr-x  3 root root  24 Jun  8 14:36 gitclone/
> lrwxrwxrwx  1 root root  29 Jun  8 21:44 hierdata -> 
> gitclone/production/hieradata/
> 
> 
> 
> 
> 
> $ cat environment.conf 
> manifest = $codedir/environments/preprod/gitclone/production/manifests
> modulepath = $codedir/environments/preprod/gitclone/production/modules
> 
> 
> 
> 
> 
>  
> $ cat hierdata/common.yaml 
> ---
> infraserver: 'bigmachine.local'
> 
> 
> 
> 
> $ cat site.pp 
> 
> $infraserver  = hiera( 'infraserver' )
> 
> 
> 
> 
> But the clients don't see it in preprod, failing their puppet runs, and the 
> codebase is exactly the same:
> 
> Error 500 on SERVER: Server Error: Function lookup() did not find a value for 
> the name 'infraserver' on node dev1.local
> 
> 
> $ puppet lookup infraserver --environment production --node dev1.local
> --- bigmachine.local
>  
> $ puppet lookup infraserver --environment preprod --node dev1.local
> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/a0655c3e-9b5e-4097-a793-60f3117df82do%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe f

[Puppet Users] hiera with environments

2020-06-08 Thread solarflow 99

I have this strange problem where I just upgraded from puppetserver 5.5 to 
6, and now the 2nd environment doesn't see hiera values, but the production 
environment does.  I wonder if top level lookups don't work anymore?  
Here's how I have it configured:


Here's my directory layout:

code
└── environments
├── preprod
│   ├── environment.conf
│   ├── gitclone
│   │   └── production
│   │   ├── hieradata
│   │   │   ├── common.yaml
│   │   │   └── nodes
│   │   ├── manifests
│   │   │   ├── nodes.pp
│   │   │   └── site.pp
│   │   └── modules
└── production
├── hieradata
│   ├── common.yaml
│   └── nodes
├── manifests
│   ├── nodes.pp
│   └── site.pp
└── modules






/etc/puppetlabs/puppet:

$ cat hiera.yaml 
---
version: 5
defaults:
  # The default value for "datadir" is "data" under the same directory as 
the hiera.yaml
  # file (this file)
  # When specifying a datadir, make sure the directory exists.
  # See https://puppet.com/docs/puppet/latest/environments_about.html for 
further details on environments.
  # datadir: data
  # data_hash: yaml_data

  datadir: "/etc/puppetlabs/code/environments/%{::environment}/hieradata"
  data_hash: yaml_data


hierarchy:
  - name: "Per-node data (yaml version)"
path: "nodes/%{::trusted.certname}.yaml"
  - name: "Other YAML hierarchy levels"
paths:
  - "common.yaml"





/etc/puppetlabs/code/environments/preprod:


$ ls -la
total 4
drwxr-xr-x  3 root root  62 Jun  8 21:44 ./
drwxr-xr-x. 4 root root  39 Jun  8 14:33 ../
-rw-r--r--  1 root root 142 Jun  8 14:38 environment.conf
drwxr-xr-x  3 root root  24 Jun  8 14:36 gitclone/
lrwxrwxrwx  1 root root  29 Jun  8 21:44 hierdata -> 
gitclone/production/hieradata/





$ cat environment.conf 
manifest = $codedir/environments/preprod/gitclone/production/manifests
modulepath = $codedir/environments/preprod/gitclone/production/modules





 
$ cat hierdata/common.yaml 
---
infraserver: 'bigmachine.local'




$ cat site.pp 

$infraserver  = hiera( 'infraserver' )




But the clients don't see it in preprod, failing their puppet runs, and the 
codebase is exactly the same:

Error 500 on SERVER: Server Error: Function lookup() did not find a value 
for the name 'infraserver' on node dev1.local


$ puppet lookup infraserver --environment production --node dev1.local
--- bigmachine.local
 
$ puppet lookup infraserver --environment preprod --node dev1.local


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/a0655c3e-9b5e-4097-a793-60f3117df82do%40googlegroups.com.

Re: [EXTERNAL] - Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-03-03 Thread Dirk Heinrichs

Am Dienstag, den 03.03.2020, 11:14 +0100 schrieb Martin Alfke:

sshdconfig::match_address: "xx.xx.xx.xx"

Just to clarify: Is "puppet lookup" supposed to find
"sshdconfig::match_address" when only "match_address" was given

No!

That was my thought, too. So the "puppet lookup" command (see first post) was
(also) wrong.

Bye...

Dirk

Dirk Heinrichs
Senior Systems Engineer, Delivery Pipeline
OpenText ™ Discovery | Recommind
Phone: +49 2226 15966 18
Email: dhein...@opentext.com
Website: www.recommind.de
Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan,
Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646
This e-mail may contain confidential and/or privileged information. If you are
not the intended recipient (or have received this e-mail in error) please
notify the sender immediately and destroy this e-mail. Any unauthorized
copying, disclosure or distribution of the material in this e-mail is strictly
forbidden
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen.
Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten
haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail.
Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nicht
gestattet.

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/37b5e2917123056489d818d846219620b47f9056.camel%40opentext.com.

Re: [EXTERNAL] - Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-03-03 Thread Martin Alfke

Hi,


> 
> Am Mittwoch, den 26.02.2020, 05:57 -0800 schrieb Dan Crisp:
> 
>> sshdconfig::match_address: "xx.xx.xx.xx"
> 
> Just to clarify: Is "puppet lookup" supposed to find 
> "sshdconfig::match_address" when only "match_address" was given

No!
Hiera looks for a string based key, not regex.

You must specify the full string when using puppet lookup

puppet lookup sshdconfig::match_address —explain …

Same is for Puppet Code:

$match_address = lookup(’sshdconfig::match_address’)

Consider the following: you have 3 classes which use a $port parameter.
Which one to take? The one for ssh Class, apache class, postfix class?
That is the reason why you must provide a parameter with its namespace (=class 
name).


Hth,
Martin


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/E331FDB9-409D-4614-9201-95839A6E3A28%40gmail.com.

Re: [EXTERNAL] - Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-03-03 Thread Dirk Heinrichs

Am Mittwoch, den 26.02.2020, 05:57 -0800 schrieb Dan Crisp:

sshdconfig::match_address: "xx.xx.xx.xx"

Just to clarify: Is "puppet lookup" supposed to find
"sshdconfig::match_address" when only "match_address" was given?

Bye...

Dirk

Dirk Heinrichs
Senior Systems Engineer, Delivery Pipeline
OpenText ™ Discovery | Recommind
Phone: +49 2226 15966 18
Email: dhein...@opentext.com
Website: www.recommind.de
Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan,
Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646
This e-mail may contain confidential and/or privileged information. If you are
not the intended recipient (or have received this e-mail in error) please
notify the sender immediately and destroy this e-mail. Any unauthorized
copying, disclosure or distribution of the material in this e-mail is strictly
forbidden
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen.
Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten
haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail.
Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nicht
gestattet.

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/bab68374d28fdb55345f98a1a576abee3cb6b61f.camel%40opentext.com.

Re: [Puppet Users] Hiera Array Only Returns Last Line

2020-03-01 Thread Dan Crisp

Perfect!!!  Thank you Martin.

On Saturday, February 29, 2020 at 3:49:04 PM UTC, Martin Alfke wrote:
>
> Sorry. wrong function: 
>
> content => $set.join("\n") 
>
> hth, 
> martin 
>
>
> > On 29. Feb 2020, at 15:56, Dan Crisp > 
> wrote: 
> > 
> > Thanks for the respone Martin.  Unfortunately that made no difference. 
>  Still only end up with one line. 
> > 
> > Thanks, 
> > Dan. 
> > 
> > On Saturday, February 29, 2020 at 2:44:38 PM UTC, Martin Alfke wrote: 
> > AFAIK content expects a string. 
> > Maybe you can try 
> > 
> > content => $set.flatten 
> > 
> > hth, 
> > martin 
> > 
> > 
> > > On 29. Feb 2020, at 14:42, Dan Crisp  wrote: 
> > > 
> > > Hi, 
> > > 
> > > Attempting to popualte a file with a hiera array.   
> > > 
> > > I have the following hiera defined: 
> > > 
> > > # more common.yaml 
> > > vimrc: 
> > >   - 'syntax on' 
> > >   - 'colo delek' 
> > >   - 'set nu' 
> > >   - 'set cursorline' 
> > >   - 'set history=1000' 
> > >   - 'set showmode' 
> > >   - 'set showcmd' 
> > > 
> > > Puppet lookup seems to return what I expect to see: 
> > > 
> > > # puppet lookup vimrc 
> > > --- 
> > > - syntax on 
> > > - colo delek 
> > > - set nu 
> > > - set cursorline 
> > > - set history=1000 
> > > - set showmode 
> > > - set showcmd 
> > > 
> > > Here's how I'm call the hiera array: 
> > > 
> > > class base::vim { 
> > > 
> > >   $set = lookup('vimrc', Array[String]) 
> > > 
> > >   package { 'vim': ensure => installed, } 
> > > 
> > >   file { '/root/.vimrc': 
> > > owner=> root, 
> > > group=> root, 
> > > mode => '0644', 
> > > content  => $set, 
> > >   } 
> > > 
> > > } 
> > > 
> > > However I just end up with the last line of the arrary: 
> > > 
> > > # more .vimrc 
> > > set showcmd 
> > > 
> > > Any help here would be greatly appreciated. 
> > > 
> > > Thanks, 
> > > Dan. 
> > > 
> > > -- 
> > > You received this message because you are subscribed to the Google 
> Groups "Puppet Users" group. 
> > > To unsubscribe from this group and stop receiving emails from it, send 
> an email to puppet...@googlegroups.com. 
> > > To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/3620a92d-f2d2-43a4-9f92-4d12c3f0c45f%40googlegroups.com.
>  
>
> > 
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups "Puppet Users" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to puppet...@googlegroups.com . 
> > To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/d30de2a4-a70b-41df-a9d3-f65001498be7%40googlegroups.com.
>  
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/b053934a-508a-414b-a826-b0a2f1e1e078%40googlegroups.com.

Re: [Puppet Users] Hiera Array Only Returns Last Line

2020-02-29 Thread Martin Alfke

Sorry. wrong function:

content => $set.join("\n")

hth,
martin


> On 29. Feb 2020, at 15:56, Dan Crisp  wrote:
> 
> Thanks for the respone Martin.  Unfortunately that made no difference.  Still 
> only end up with one line.
> 
> Thanks,
> Dan.
> 
> On Saturday, February 29, 2020 at 2:44:38 PM UTC, Martin Alfke wrote:
> AFAIK content expects a string. 
> Maybe you can try 
> 
> content => $set.flatten 
> 
> hth, 
> martin 
> 
> 
> > On 29. Feb 2020, at 14:42, Dan Crisp  wrote: 
> > 
> > Hi, 
> > 
> > Attempting to popualte a file with a hiera array.   
> > 
> > I have the following hiera defined: 
> > 
> > # more common.yaml 
> > vimrc: 
> >   - 'syntax on' 
> >   - 'colo delek' 
> >   - 'set nu' 
> >   - 'set cursorline' 
> >   - 'set history=1000' 
> >   - 'set showmode' 
> >   - 'set showcmd' 
> > 
> > Puppet lookup seems to return what I expect to see: 
> > 
> > # puppet lookup vimrc 
> > --- 
> > - syntax on 
> > - colo delek 
> > - set nu 
> > - set cursorline 
> > - set history=1000 
> > - set showmode 
> > - set showcmd 
> > 
> > Here's how I'm call the hiera array: 
> > 
> > class base::vim { 
> > 
> >   $set = lookup('vimrc', Array[String]) 
> > 
> >   package { 'vim': ensure => installed, } 
> > 
> >   file { '/root/.vimrc': 
> > owner=> root, 
> > group=> root, 
> > mode => '0644', 
> > content  => $set, 
> >   } 
> > 
> > } 
> > 
> > However I just end up with the last line of the arrary: 
> > 
> > # more .vimrc 
> > set showcmd 
> > 
> > Any help here would be greatly appreciated. 
> > 
> > Thanks, 
> > Dan. 
> > 
> > -- 
> > You received this message because you are subscribed to the Google Groups 
> > "Puppet Users" group. 
> > To unsubscribe from this group and stop receiving emails from it, send an 
> > email to puppet...@googlegroups.com. 
> > To view this discussion on the web visit 
> > https://groups.google.com/d/msgid/puppet-users/3620a92d-f2d2-43a4-9f92-4d12c3f0c45f%40googlegroups.com.
> >  
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/d30de2a4-a70b-41df-a9d3-f65001498be7%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/BACFAD74-D69C-445E-8244-126020CCA29B%40gmail.com.

Re: [Puppet Users] Hiera Array Only Returns Last Line

2020-02-29 Thread Dan Crisp

Thanks for the respone Martin.  Unfortunately that made no difference.  
Still only end up with one line.

Thanks,
Dan.

On Saturday, February 29, 2020 at 2:44:38 PM UTC, Martin Alfke wrote:
>
> AFAIK content expects a string. 
> Maybe you can try 
>
> content => $set.flatten 
>
> hth, 
> martin 
>
>
> > On 29. Feb 2020, at 14:42, Dan Crisp > 
> wrote: 
> > 
> > Hi, 
> > 
> > Attempting to popualte a file with a hiera array.   
> > 
> > I have the following hiera defined: 
> > 
> > # more common.yaml 
> > vimrc: 
> >   - 'syntax on' 
> >   - 'colo delek' 
> >   - 'set nu' 
> >   - 'set cursorline' 
> >   - 'set history=1000' 
> >   - 'set showmode' 
> >   - 'set showcmd' 
> > 
> > Puppet lookup seems to return what I expect to see: 
> > 
> > # puppet lookup vimrc 
> > --- 
> > - syntax on 
> > - colo delek 
> > - set nu 
> > - set cursorline 
> > - set history=1000 
> > - set showmode 
> > - set showcmd 
> > 
> > Here's how I'm call the hiera array: 
> > 
> > class base::vim { 
> > 
> >   $set = lookup('vimrc', Array[String]) 
> > 
> >   package { 'vim': ensure => installed, } 
> > 
> >   file { '/root/.vimrc': 
> > owner=> root, 
> > group=> root, 
> > mode => '0644', 
> > content  => $set, 
> >   } 
> > 
> > } 
> > 
> > However I just end up with the last line of the arrary: 
> > 
> > # more .vimrc 
> > set showcmd 
> > 
> > Any help here would be greatly appreciated. 
> > 
> > Thanks, 
> > Dan. 
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups "Puppet Users" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to puppet...@googlegroups.com . 
> > To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/3620a92d-f2d2-43a4-9f92-4d12c3f0c45f%40googlegroups.com.
>  
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/d30de2a4-a70b-41df-a9d3-f65001498be7%40googlegroups.com.

Re: [Puppet Users] Hiera Array Only Returns Last Line

2020-02-29 Thread Martin Alfke

AFAIK content expects a string.
Maybe you can try

content => $set.flatten

hth,
martin


> On 29. Feb 2020, at 14:42, Dan Crisp  wrote:
> 
> Hi,
> 
> Attempting to popualte a file with a hiera array.  
> 
> I have the following hiera defined:
> 
> # more common.yaml
> vimrc:
>   - 'syntax on'
>   - 'colo delek'
>   - 'set nu'
>   - 'set cursorline'
>   - 'set history=1000'
>   - 'set showmode'
>   - 'set showcmd'
> 
> Puppet lookup seems to return what I expect to see:
> 
> # puppet lookup vimrc
> ---
> - syntax on
> - colo delek
> - set nu
> - set cursorline
> - set history=1000
> - set showmode
> - set showcmd
> 
> Here's how I'm call the hiera array:
> 
> class base::vim {
> 
>   $set = lookup('vimrc', Array[String])
> 
>   package { 'vim': ensure => installed, }
> 
>   file { '/root/.vimrc':
> owner=> root,
> group=> root,
> mode => '0644',
> content  => $set,
>   }
> 
> }
> 
> However I just end up with the last line of the arrary:
> 
> # more .vimrc
> set showcmd
> 
> Any help here would be greatly appreciated.
> 
> Thanks,
> Dan.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/3620a92d-f2d2-43a4-9f92-4d12c3f0c45f%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/F00404FE-8CE1-48D3-B570-8DE82F480E7A%40gmail.com.

[Puppet Users] Hiera Array Only Returns Last Line

2020-02-29 Thread Dan Crisp

Hi,

Attempting to popualte a file with a hiera array.  

I have the following hiera defined:

# more common.yaml
vimrc:
  - 'syntax on'
  - 'colo delek'
  - 'set nu'
  - 'set cursorline'
  - 'set history=1000'
  - 'set showmode'
  - 'set showcmd'

Puppet lookup seems to return what I expect to see:

# puppet lookup vimrc
---
- syntax on
- colo delek
- set nu
- set cursorline
- set history=1000
- set showmode
- set showcmd

Here's how I'm call the hiera array:

class base::vim {

  $set = lookup('vimrc', Array[String])

  package { 'vim': ensure => installed, }

  file { '/root/.vimrc':
owner=> root,
group=> root,
mode => '0644',
content  => $set,
  }

}

However I just end up with the last line of the arrary:

# more .vimrc
set showcmd

Any help here would be greatly appreciated.

Thanks,
Dan.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/3620a92d-f2d2-43a4-9f92-4d12c3f0c45f%40googlegroups.com.

Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-02-29 Thread Dan Crisp

Thanks all.  Have this working now.  

On Wednesday, February 26, 2020 at 4:04:34 PM UTC, Becca Robinson wrote:
>
> Hi Dan,
>
> I see that you have this `puppet lookup match_address --node 
> nodename.domain.com.yaml —explain` .
>
> Might want to ditch the .yaml from the node name.
>
> -- 
> *Becca Robinson*
> Senior Professional Services Engineer
> be...@puppet.com  | @_itgrl_
> cell: (913) 752-7084
> Puppet  *The shortest path to better software.*
>
>
>
> On Feb 24, 2020, at 8:06 AM, Dan Crisp > 
> wrote:
>
> puppet lookup match_address --node nodename.domain.com.yaml --explain
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/276b96f6-8345-4858-abe1-171f37b6d370%40googlegroups.com.

Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-02-26 Thread Becca Robinson

Hi Dan,

I see that you have this `puppet lookup match_address --node 
nodename.domain.com.yaml —explain` .

Might want to ditch the .yaml from the node name.

-- 
Becca Robinson
Senior Professional Services Engineer
be...@puppet.com | @_itgrl_
cell: (913) 752-7084
Puppet  The shortest path to better software.



> On Feb 24, 2020, at 8:06 AM, Dan Crisp  wrote:
> 
> puppet lookup match_address --node nodename.domain.com.yaml --explain
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/23594BBE-BA8E-4C45-A087-995551668B02%40puppet.com.

Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-02-26 Thread Dan Crisp

Still no joy with lookup despite re-writing Hiera as per you example. 

On Wednesday, February 26, 2020 at 10:20:09 AM UTC, Bart-Jan Vrielink wrote:
>
> Hello,
>
>
> What you have in Hiera is the following:
>
> ---
> sshdconfig:
>   match_address: "xx.xx.xx.xx"
>   permit_root_login: without-password
>
>
> This is a single key sshdconfig with the value:
>
> {
>   "match_address" => "xx.xx.xx.xx",
>   "permit_root_login" => "without-password"
> }
>
>
> If you want to use the contents of match_address in your Puppet code, you 
> would need to lookup sshdconfig and then access 
> $sshconfig['match_address'], or rewrite your yaml into something like:
>
> ---
> sshdconfig::match_address: "xx.xx.xx.xx"
> sshdconfig::permit_root_login: without-password
>
>
> Where you can lookup sshdconfig::match_address
>
>
> As you've already noted, this naming convention is most appropriate for a 
> module sshdconfig. If there is such a module, its parameters match_address 
> and permit_root_login would be automatically looked up in Hiera.
>
>
>  
>
>
> -Original message-
> *From:* Dan Crisp >
> *Sent:* Tuesday 25th February 2020 16:59
> *To:* Puppet Users >
> *Subject:* Re: [Puppet Users] Hiera Setup Lookup Complaining
>
> Hello Bart, 
>
> Thanks for your reply.  Yes that threw me also.  I was originally looking 
> for sshdconfig::match_adddress however the output from lookup returned:
>
> Searching for "sshdconfig::match_address"
>   Global Data Provider (hiera configuration version 5)
> Using configuration "/etc/puppetlabs/puppet/hiera.yaml"
> No such key: "sshdconfig::match_address"
>   Environment Data Provider (hiera configuration version 5)
> Using configuration 
> "/etc/puppetlabs/code/environments/production/hiera.yaml"
> Hierarchy entry "Per-node data (yaml version)"
>   Path 
> "/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvmtrrsl01.fixnetix.com.yaml"
> Original path: "nodes/%{::trusted.certname}.yaml"
> Path not found
> Hierarchy entry "Other YAML hierarchy levels"
>   Path "/etc/puppetlabs/code/environments/production/data/common.yaml"
> Original path: "common.yaml"
> Path not found
>   *Module "sshdconfig" not found*
> Function lookup() did not find a value for the name 
> 'sshdconfig::match_address'
>
> Suggesting that it was expecting sshdconfig to be be a module.  Not the 
> case in this instance.  In fact, the hiera in question is not refferenced 
> in any module or class etc.  Is that the issue?
>
> On Tuesday, February 25, 2020 at 3:34:49 PM UTC, Bart-Jan Vrielink wrote: 
>>
>> Hello,
>>
>>
>> I see you are looking for 'match_address', but in Hiera it is stored as 
>> 'sshdconfig::match_address'.
>>
>>
>> -Original message-
>> *From:* Dan Crisp > <#zarafa.5e564648.02f2.2753846926c53483@anjie.dontpanic.nl_>>
>> *Sent:* Tuesday 25th February 2020 13:42
>> *To:* Puppet Users > <#zarafa.5e564648.02f2.2753846926c53483@anjie.dontpanic.nl_>>
>> *Subject:* Re: [Puppet Users] Hiera Setup Lookup Complaining
>>
>> I included the --compile option.  Now (not sure whether as a result of 
>> use --option) I can see 
>> /etc/puppetlabs/code/environments/production/data/nodes/nodename.domain.com.yaml
>>  
>> in the output: 
>>
>> Searching for "lookup_options"
>>   Global Data Provider (hiera configuration version 5)
>> No such key: "lookup_options"
>>   Environment Data Provider (hiera configuration version 5)
>> Using configuration 
>> "/etc/puppetlabs/code/environments/production/hiera.yaml"
>> Merge strategy hash
>>   Hierarchy entry "Per-node data"
>> Path 
>> "/etc/puppetlabs/code/environments/production/data/nodes/nodename.fixnetix.com.yaml"
>>   Original path: "nodes/%{trusted.certname}.yaml"
>>   No such key: "lookup_options"
>>   Hierarchy entry "Per-OS defaults"
>> Path 
>> "/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"
>>   Original path: "os/%{facts.os.family}.yaml"
>>   Path not found
>>   Hierarchy entry "Common data"
>> Path 
>> "/etc/puppetlabs/code/environments/production/data/comm

Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-02-26 Thread Dan Crisp

Look all good to me:


puppet@puppet:/etc/puppetlabs/puppet$ ls -ltr
total 40
-rw-r--r--. 1 puppet puppet 5487 Sep 23 22:22 auth.conf
-rw-r--r--. 1 puppet puppet  657 Sep 24 12:17 puppet.conf
drwxrwx--x. 1 puppet puppet 4096 Sep 27 16:22 ssl
drwxr-x---. 2 puppet puppet 4096 Sep 27 22:32 devices
-rw-r--r--. 1 puppet puppet  219 Feb 26 13:43 hiera.yaml

*puppet@puppet:/etc/puppetlabs/puppet$* more hiera.yaml
---
# Hiera 5 Global configuration file

version: 5
#defaults:
#data_hash: yaml_data
#  datadir: /etc/puppetlabs/code/environments/production/data
# hierarchy:
#  - name: Common
#data_hash: yaml_data
#hierarchy: []

*puppet@puppet:/etc/puppetlabs/code/environments/production$* ls -ltr
total 16
drwxr-xr-x. 6 root root 4096 Oct 22 14:06 modules
drwxr-xr-x. 2 root root 4096 Feb 18 16:04 manifests
-rw-r--r--. 1 root root  618 Feb 26 12:40 hiera.yaml
drwxr-xr-x. 3 root root 4096 Feb 26 13:07 data

*puppet@puppet:/etc/puppetlabs/code/environments/production$* more 
hiera.yaml
---
version: 5
defaults:
  # The default value for "datadir" is "data" under the same directory as 
the hiera.yaml
  # file (this file)
  # When specifying a datadir, make sure the directory exists.
  # See https://puppet.com/docs/puppet/latest/environments_about.html for 
further details on environments.
  #datadir: data
  data_hash: yaml_data
hierarchy:
  - name: "Per-node data"   # Human-readable name.
path: "nodes/%{trusted.certname}.yaml"  # File path, relative to 
datadir.

  - name: "Per-OS defaults"
path: "os/%{facts.os.family}.yaml"

  - name: "Common data"
path: "common.yaml"

*puppet@puppet:/etc/puppetlabs/code/environments/production/data/nodes$* ls 
-ltr
total 8
-rw-r--r--. 1 root root 31 Feb 25 15:42 nodename.domain.com.yaml

*puppet@puppet:/etc/puppetlabs/code/environments/production/data/nodes$* 
more nodename.domain.com.yaml
---
sshdconfig::match_address: "xx.xx.xx.xx"
sshdconfig::permit_root_login: without-password

Some files above are onwned by root however, have sufficient permissions to 
be at least read.


On Wednesday, February 26, 2020 at 1:27:22 PM UTC, Henrik Lindberg wrote:
>
> On 2020-02-25 16:51, Dan Crisp wrote: 
> > This is what I have: 
> > 
> > --- 
> > sshdconfig: 
> >match_address: "xx.xx.xx.xx" 
> >permit_root_login: without-password 
> > 
> > YAML Lint validates the YAML ok. 
> > 
> > However, it doesn't matter what I put in this file (Non YAML or a bunch 
> > of random characters ) the result is the same so I suspect it's not 
> > being read.  How can I confirm that the file is actualy being read 
> > rather than simply sucessfully displayed in the lookup output. 
>
> Check permissions on files, it may be silently skipping files that 
> cannot be read. 
> - henrik 
>
> > 
> > On Tuesday, February 25, 2020 at 12:58:02 PM UTC, Henrik Lindberg wrote: 
> > 
> > On 2020-02-25 13:42, Dan Crisp wrote: 
> >  > I included the --compile option.  Now (not sure whether as a 
> > result of 
> >  > use --option) I can 
> >  > 
> > 
> see/etc/puppetlabs/code/environments/production/data/nodes/nodename.domain.com.yaml
>  
>
> > 
> >  > in the output: 
> >  > 
> > 
> > Probably because you got a run done by the agent? 
> > Anyway - first step, make sure you see the expected paths being 
> read. 
> > Then, for the file where you expect the key to be found and produce 
> a 
> > value, do check the content of that file - is it valid yaml, is it 
> > representing what you think it represents? 
> > 
> > best, 
> > - henrik 
> > 
> > 
> >  > Searching for "lookup_options" 
> >  >Global Data Provider (hiera configuration version 5) 
> >  >  No such key: "lookup_options" 
> >  >Environment Data Provider (hiera configuration version 5) 
> >  >  Using configuration 
> >  > "/etc/puppetlabs/code/environments/production/hiera.yaml" 
> >  >  Merge strategy hash 
> >  >Hierarchy entry "Per-node data" 
> >  >  Path 
> >  > 
> > 
> "/etc/puppetlabs/code/environments/production/data/nodes/nodename.fixnetix.com.yaml"
>  
>
> > 
> >  >Original path: "nodes/%{trusted.certname}.yaml" 
> >  >No such key: "lookup_options" 
> >  >Hierarchy entry "Per-OS defaults" 
> >  >  Path 
> >  > 
> "/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml" 
> >  >Original path: "os/%{facts.os.family}.yaml" 
> >  >Path not found 
> >  >Hierarchy entry "Common data" 
> >  >  Path 
> >  > "/etc/puppetlabs/code/environments/production/data/common.yaml" 
> >  >Original path: "common.yaml" 
> >  >Path not found 
> >  > Searching for "match_address" 
> >  >Global Data Provider (hiera configuration version 5) 
> >  >  No such key: "match_address" 
> >  >Environment Data Provider (hiera configuratio

Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-02-26 Thread Henrik Lindberg


On 2020-02-25 16:51, Dan Crisp wrote:

This is what I have:

---
sshdconfig:
   match_address: "xx.xx.xx.xx"
   permit_root_login: without-password

YAML Lint validates the YAML ok.

However, it doesn't matter what I put in this file (Non YAML or a bunch 
of random characters ) the result is the same so I suspect it's not 
being read.  How can I confirm that the file is actualy being read 
rather than simply sucessfully displayed in the lookup output.


Check permissions on files, it may be silently skipping files that 
cannot be read.

- henrik



On Tuesday, February 25, 2020 at 12:58:02 PM UTC, Henrik Lindberg wrote:

On 2020-02-25 13:42, Dan Crisp wrote:
 > I included the --compile option.  Now (not sure whether as a
result of
 > use --option) I can
 >

see/etc/puppetlabs/code/environments/production/data/nodes/nodename.domain.com.yaml

 > in the output:
 >

Probably because you got a run done by the agent?
Anyway - first step, make sure you see the expected paths being read.
Then, for the file where you expect the key to be found and produce a
value, do check the content of that file - is it valid yaml, is it
representing what you think it represents?

best,
- henrik


 > Searching for "lookup_options"
 >    Global Data Provider (hiera configuration version 5)
 >      No such key: "lookup_options"
 >    Environment Data Provider (hiera configuration version 5)
 >      Using configuration
 > "/etc/puppetlabs/code/environments/production/hiera.yaml"
 >      Merge strategy hash
 >        Hierarchy entry "Per-node data"
 >          Path
 >

"/etc/puppetlabs/code/environments/production/data/nodes/nodename.fixnetix.com.yaml"

 >            Original path: "nodes/%{trusted.certname}.yaml"
 >            No such key: "lookup_options"
 >        Hierarchy entry "Per-OS defaults"
 >          Path
 > "/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"
 >            Original path: "os/%{facts.os.family}.yaml"
 >            Path not found
 >        Hierarchy entry "Common data"
 >          Path
 > "/etc/puppetlabs/code/environments/production/data/common.yaml"
 >            Original path: "common.yaml"
 >            Path not found
 > Searching for "match_address"
 >    Global Data Provider (hiera configuration version 5)
 >      No such key: "match_address"
 >    Environment Data Provider (hiera configuration version 5)
 >      Using configuration
 > "/etc/puppetlabs/code/environments/production/hiera.yaml"
 >      Hierarchy entry "Per-node data"
 >        Path
 >

"/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvmtrrsl01.fixnetix.com.yaml"

 >          Original path: "nodes/%{trusted.certname}.yaml"
 >          No such key: "match_address"
 >      Hierarchy entry "Per-OS defaults"
 >        Path
 > "/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"
 >          Original path: "os/%{facts.os.family}.yaml"
 >          Path not found
 >      Hierarchy entry "Common data"
 >        Path
"/etc/puppetlabs/code/environments/production/data/common.yaml"
 >          Original path: "common.yaml"
 >          Path not found
 > Function lookup() did not find a value for the name 'match_address'
 >
 > Still no luck finding the requested value though.
 >
 > Thanks,
 > Dan.
 >
 > On Monday, February 24, 2020 at 7:13:25 PM UTC, Henrik Lindberg
wrote:
 >
 >     Dan Crisp wrote:
 >      >  environment/production/data/nodes/nodename.domain.com.yaml
 >     As you can see in the output - the hiera path expanded to:
 >
 >         Path
 >     "/etc/puppetlabs/code/environments/production/data/nodes/.yaml"
 >
 >     Meaning that trusted.certname was empty. It would be empty if
the node
 >     "nodename.domain.com 
" never checked in
 >     with the puppet server to deposit
 >     any facts. It will do that on its first agent run though.
 >
 >     Meanwhile you have to supply your own facts (and trusted) to
do lookups
 >     as it will be done when the node later requests a catalog.
Look at the
 >     help for the various flags to the lookup command to learn how to
 >     give it
 >     values for facts and trusted information.
 >
 >     - henrik
 >
 >
 >     --
 >
 >     Visit my Blog "Puppet on the Edge"
 > http://puppet-on-the-edge.blogspot.se/

 >     >
 >
 > --
 > You received this message because you are subscribed to the Google
 > Groups "Puppet Users" group.
 > To unsubscribe from this group and

RE: [Puppet Users] Hiera Setup Lookup Complaining

2020-02-26 Thread Bart-Jan Vrielink

Hello,



What you have in Hiera is the following:

---
sshdconfig:
  match_address: "xx.xx.xx.xx"
  permit_root_login: without-password



This is a single key sshdconfig with the value:

{
  "match_address" => "xx.xx.xx.xx",
  "permit_root_login" => "without-password"
}



If you want to use the contents of match_address in your Puppet code, you would 
need to lookup sshdconfig and then access $sshconfig['match_address'], or 
rewrite your yaml into something like:

---
sshdconfig::match_address: "xx.xx.xx.xx"
sshdconfig::permit_root_login: without-password



Where you can lookup sshdconfig::match_address



As you've already noted, this naming convention is most appropriate for a 
module sshdconfig. If there is such a module, its parameters match_address and 
permit_root_login would be automatically looked up in Hiera.



 


-Original message-
From: Dan Crisp 
Sent: Tuesday 25th February 2020 16:59
To: Puppet Users 
Subject: Re: [Puppet Users] Hiera Setup Lookup Complaining

Hello Bart,

Thanks for your reply.  Yes that threw me also.  I was originally looking for 
sshdconfig::match_adddress however the output from lookup returned:

Searching for "sshdconfig::match_address"
  Global Data Provider (hiera configuration version 5)
    Using configuration "/etc/puppetlabs/puppet/hiera.yaml"
    No such key: "sshdconfig::match_address"
  Environment Data Provider (hiera configuration version 5)
    Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"
    Hierarchy entry "Per-node data (yaml version)"
      Path 
"/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvmtrrsl01.fixnetix.com.yaml"
        Original path: "nodes/%{::trusted.certname}.yaml"
        Path not found
    Hierarchy entry "Other YAML hierarchy levels"
      Path "/etc/puppetlabs/code/environments/production/data/common.yaml"
        Original path: "common.yaml"
        Path not found
  Module "sshdconfig" not found
Function lookup() did not find a value for the name 'sshdconfig::match_address'

Suggesting that it was expecting sshdconfig to be be a module.  Not the case in 
this instance.  In fact, the hiera in question is not refferenced in any module 
or class etc.  Is that the issue?

On Tuesday, February 25, 2020 at 3:34:49 PM UTC, Bart-Jan Vrielink wrote:

Hello,



I see you are looking for 'match_address', but in Hiera it is stored as 
'sshdconfig::match_address'.



-Original message-
From: Dan Crisp 
Sent: Tuesday 25th February 2020 13:42
To: Puppet Users 
Subject: Re: [Puppet Users] Hiera Setup Lookup Complaining

I included the --compile option.  Now (not sure whether as a result of use 
--option) I can see 
/etc/puppetlabs/code/environments/production/data/nodes/nodename.domain.com.yaml
 in the output:

Searching for "lookup_options"
  Global Data Provider (hiera configuration version 5)
    No such key: "lookup_options"
  Environment Data Provider (hiera configuration version 5)
    Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"
    Merge strategy hash
      Hierarchy entry "Per-node data"
        Path 
"/etc/puppetlabs/code/environments/production/data/nodes/nodename.fixnetix.com.yaml"
          Original path: "nodes/%{trusted.certname}.yaml"
          No such key: "lookup_options"
      Hierarchy entry "Per-OS defaults"
        Path "/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"
          Original path: "os/%{facts.os.family}.yaml"
          Path not found
      Hierarchy entry "Common data"
        Path "/etc/puppetlabs/code/environments/production/data/common.yaml"
          Original path: "common.yaml"
          Path not found
Searching for "match_address"
  Global Data Provider (hiera configuration version 5)
    No such key: "match_address"
  Environment Data Provider (hiera configuration version 5)
    Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"
    Hierarchy entry "Per-node data"
      Path 
"/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvmtrrsl01.fixnetix.com.yaml"
        Original path: "nodes/%{trusted.certname}.yaml"
        No such key: "match_address"
    Hierarchy entry "Per-OS defaults"
      Path "/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"
        Original path: "os/%{facts.os.family}.yaml"
        Path not found
    Hierarchy entry "Common data"
      Path "/etc/puppetlabs/code/environments/production/data/common.yaml"
        Original path: &q

Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-02-25 Thread Dan Crisp

Hello Bart,

Thanks for your reply.  Yes that threw me also.  I was originally looking 
for sshdconfig::match_adddress however the output from lookup returned:

Searching for "sshdconfig::match_address"
  Global Data Provider (hiera configuration version 5)
Using configuration "/etc/puppetlabs/puppet/hiera.yaml"
No such key: "sshdconfig::match_address"
  Environment Data Provider (hiera configuration version 5)
Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"
Hierarchy entry "Per-node data (yaml version)"
  Path 
"/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvmtrrsl01.fixnetix.com.yaml"
Original path: "nodes/%{::trusted.certname}.yaml"
Path not found
Hierarchy entry "Other YAML hierarchy levels"
  Path "/etc/puppetlabs/code/environments/production/data/common.yaml"
Original path: "common.yaml"
Path not found
  *Module "sshdconfig" not found*
Function lookup() did not find a value for the name 
'sshdconfig::match_address'

Suggesting that it was expecting sshdconfig to be be a module.  Not the 
case in this instance.  In fact, the hiera in question is not refferenced 
in any module or class etc.  Is that the issue?

On Tuesday, February 25, 2020 at 3:34:49 PM UTC, Bart-Jan Vrielink wrote:
>
> Hello,
>
>
> I see you are looking for 'match_address', but in Hiera it is stored as 
> 'sshdconfig::match_address'.
>
>
> -Original message-
> *From:* Dan Crisp >
> *Sent:* Tuesday 25th February 2020 13:42
> *To:* Puppet Users >
> *Subject:* Re: [Puppet Users] Hiera Setup Lookup Complaining
>
> I included the --compile option.  Now (not sure whether as a result of use 
> --option) I can see 
> /etc/puppetlabs/code/environments/production/data/nodes/nodename.domain.com.yaml
>  
> in the output: 
>
> Searching for "lookup_options"
>   Global Data Provider (hiera configuration version 5)
> No such key: "lookup_options"
>   Environment Data Provider (hiera configuration version 5)
> Using configuration 
> "/etc/puppetlabs/code/environments/production/hiera.yaml"
> Merge strategy hash
>   Hierarchy entry "Per-node data"
> Path 
> "/etc/puppetlabs/code/environments/production/data/nodes/nodename.fixnetix.com.yaml"
>   Original path: "nodes/%{trusted.certname}.yaml"
>   No such key: "lookup_options"
>   Hierarchy entry "Per-OS defaults"
> Path 
> "/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"
>   Original path: "os/%{facts.os.family}.yaml"
>   Path not found
>   Hierarchy entry "Common data"
> Path 
> "/etc/puppetlabs/code/environments/production/data/common.yaml"
>   Original path: "common.yaml"
>   Path not found
> Searching for "match_address"
>   Global Data Provider (hiera configuration version 5)
> No such key: "match_address"
>   Environment Data Provider (hiera configuration version 5)
> Using configuration 
> "/etc/puppetlabs/code/environments/production/hiera.yaml"
> Hierarchy entry "Per-node data"
>   Path 
> "/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvmtrrsl01.fixnetix.com.yaml"
> Original path: "nodes/%{trusted.certname}.yaml"
> No such key: "match_address"
> Hierarchy entry "Per-OS defaults"
>   Path 
> "/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"
> Original path: "os/%{facts.os.family}.yaml"
> Path not found
> Hierarchy entry "Common data"
>   Path "/etc/puppetlabs/code/environments/production/data/common.yaml"
> Original path: "common.yaml"
> Path not found
> Function lookup() did not find a value for the name 'match_address'
>
> Still no luck finding the requested value though.
>
> Thanks,
> Dan.
>
> On Monday, February 24, 2020 at 7:13:25 PM UTC, Henrik Lindberg wrote: 
>>
>> Dan Crisp wrote: 
>> >  environment/production/data/nodes/nodename.domain.com.yaml 
>> As you can see in the output - the hiera path expanded to: 
>>
>>Path "/etc/puppetlabs/code/environments/production/data/nodes/.yaml" 
>>
>> Meaning that trusted.certname was empty. It would be empty if the node 
>> "nodename.domain.com" never checked in with the puppet server to deposit 
>> any facts. It

Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-02-25 Thread Dan Crisp

This is what I have:

---
sshdconfig:
  match_address: "xx.xx.xx.xx"
  permit_root_login: without-password

YAML Lint validates the YAML ok.

However, it doesn't matter what I put in this file (Non YAML or a bunch of 
random characters ) the result is the same so I suspect it's not being 
read.  How can I confirm that the file is actualy being read rather than 
simply sucessfully displayed in the lookup output.

On Tuesday, February 25, 2020 at 12:58:02 PM UTC, Henrik Lindberg wrote:
>
> On 2020-02-25 13:42, Dan Crisp wrote: 
> > I included the --compile option.  Now (not sure whether as a result of 
> > use --option) I can 
> > 
> see/etc/puppetlabs/code/environments/production/data/nodes/nodename.domain.com.yaml
>  
>
> > in the output: 
> > 
>
> Probably because you got a run done by the agent? 
> Anyway - first step, make sure you see the expected paths being read. 
> Then, for the file where you expect the key to be found and produce a 
> value, do check the content of that file - is it valid yaml, is it 
> representing what you think it represents? 
>
> best, 
> - henrik 
>
>
> > Searching for "lookup_options" 
> >Global Data Provider (hiera configuration version 5) 
> >  No such key: "lookup_options" 
> >Environment Data Provider (hiera configuration version 5) 
> >  Using configuration 
> > "/etc/puppetlabs/code/environments/production/hiera.yaml" 
> >  Merge strategy hash 
> >Hierarchy entry "Per-node data" 
> >  Path 
> > 
> "/etc/puppetlabs/code/environments/production/data/nodes/nodename.fixnetix.com.yaml"
>  
>
> >Original path: "nodes/%{trusted.certname}.yaml" 
> >No such key: "lookup_options" 
> >Hierarchy entry "Per-OS defaults" 
> >  Path 
> > "/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml" 
> >Original path: "os/%{facts.os.family}.yaml" 
> >Path not found 
> >Hierarchy entry "Common data" 
> >  Path 
> > "/etc/puppetlabs/code/environments/production/data/common.yaml" 
> >Original path: "common.yaml" 
> >Path not found 
> > Searching for "match_address" 
> >Global Data Provider (hiera configuration version 5) 
> >  No such key: "match_address" 
> >Environment Data Provider (hiera configuration version 5) 
> >  Using configuration 
> > "/etc/puppetlabs/code/environments/production/hiera.yaml" 
> >  Hierarchy entry "Per-node data" 
> >Path 
> > 
> "/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvmtrrsl01.fixnetix.com.yaml"
>  
>
> >  Original path: "nodes/%{trusted.certname}.yaml" 
> >  No such key: "match_address" 
> >  Hierarchy entry "Per-OS defaults" 
> >Path 
> > "/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml" 
> >  Original path: "os/%{facts.os.family}.yaml" 
> >  Path not found 
> >  Hierarchy entry "Common data" 
> >Path 
> "/etc/puppetlabs/code/environments/production/data/common.yaml" 
> >  Original path: "common.yaml" 
> >  Path not found 
> > Function lookup() did not find a value for the name 'match_address' 
> > 
> > Still no luck finding the requested value though. 
> > 
> > Thanks, 
> > Dan. 
> > 
> > On Monday, February 24, 2020 at 7:13:25 PM UTC, Henrik Lindberg wrote: 
> > 
> > Dan Crisp wrote: 
> >  >  environment/production/data/nodes/nodename.domain.com.yaml 
> > As you can see in the output - the hiera path expanded to: 
> > 
> > Path 
> > "/etc/puppetlabs/code/environments/production/data/nodes/.yaml" 
> > 
> > Meaning that trusted.certname was empty. It would be empty if the 
> node 
> > "nodename.domain.com " never checked in 
> > with the puppet server to deposit 
> > any facts. It will do that on its first agent run though. 
> > 
> > Meanwhile you have to supply your own facts (and trusted) to do 
> lookups 
> > as it will be done when the node later requests a catalog. Look at 
> the 
> > help for the various flags to the lookup command to learn how to 
> > give it 
> > values for facts and trusted information. 
> > 
> > - henrik 
> > 
> > 
> > -- 
> > 
> > Visit my Blog "Puppet on the Edge" 
> > http://puppet-on-the-edge.blogspot.se/ 
> >  
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> > Groups "Puppet Users" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> > an email to puppet...@googlegroups.com  
> > . 
> > To view this discussion on the web visit 
> > 
> https://groups.google.com/d/msgid/puppet-users/51b5a4bd-0e18-42c9-8cc3-9b77bcfd4218%40googlegroups.com
>  
> > <
> https://groups.google.com/d/msgid/puppet-users/51b5a4bd-0e18-42c9-8cc3-9b77bcfd4218%40googlegroups.com?utm_medium=email&utm_source=foot

RE: [Puppet Users] Hiera Setup Lookup Complaining

2020-02-25 Thread Bart-Jan Vrielink

Hello,



I see you are looking for 'match_address', but in Hiera it is stored as 
'sshdconfig::match_address'.



-Original message-
From: Dan Crisp 
Sent: Tuesday 25th February 2020 13:42
To: Puppet Users 
Subject: Re: [Puppet Users] Hiera Setup Lookup Complaining

I included the --compile option.  Now (not sure whether as a result of use 
--option) I can see 
/etc/puppetlabs/code/environments/production/data/nodes/nodename.domain.com.yaml
 in the output:

Searching for "lookup_options"
  Global Data Provider (hiera configuration version 5)
    No such key: "lookup_options"
  Environment Data Provider (hiera configuration version 5)
    Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"
    Merge strategy hash
      Hierarchy entry "Per-node data"
        Path 
"/etc/puppetlabs/code/environments/production/data/nodes/nodename.fixnetix.com.yaml"
          Original path: "nodes/%{trusted.certname}.yaml"
          No such key: "lookup_options"
      Hierarchy entry "Per-OS defaults"
        Path "/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"
          Original path: "os/%{facts.os.family}.yaml"
          Path not found
      Hierarchy entry "Common data"
        Path "/etc/puppetlabs/code/environments/production/data/common.yaml"
          Original path: "common.yaml"
          Path not found
Searching for "match_address"
  Global Data Provider (hiera configuration version 5)
    No such key: "match_address"
  Environment Data Provider (hiera configuration version 5)
    Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"
    Hierarchy entry "Per-node data"
      Path 
"/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvmtrrsl01.fixnetix.com.yaml"
        Original path: "nodes/%{trusted.certname}.yaml"
        No such key: "match_address"
    Hierarchy entry "Per-OS defaults"
      Path "/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"
        Original path: "os/%{facts.os.family}.yaml"
        Path not found
    Hierarchy entry "Common data"
      Path "/etc/puppetlabs/code/environments/production/data/common.yaml"
        Original path: "common.yaml"
        Path not found
Function lookup() did not find a value for the name 'match_address'

Still no luck finding the requested value though.

Thanks,
Dan.

On Monday, February 24, 2020 at 7:13:25 PM UTC, Henrik Lindberg wrote: Dan 
Crisp wrote: 
>  environment/production/data/nodes/nodename.domain.com.yaml 
As you can see in the output - the hiera path expanded to: 
 
   Path "/etc/puppetlabs/code/environments/production/data/nodes/.yaml" 
 
Meaning that trusted.certname was empty. It would be empty if the node 
"nodename.domain.com <http://nodename.domain.com> " never checked in with the 
puppet server to deposit 
any facts. It will do that on its first agent run though. 
 
Meanwhile you have to supply your own facts (and trusted) to do lookups 
as it will be done when the node later requests a catalog. Look at the 
help for the various flags to the lookup command to learn how to give it 
values for facts and trusted information. 
 
- henrik 
 
 
-- 
 
Visit my Blog "Puppet on the Edge" 
http://puppet-on-the-edge.blogspot.se/ <http://puppet-on-the-edge.blogspot.se/> 
 


-- 
 You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
 To unsubscribe from this group and stop receiving emails from it, send an 
email to puppet-users+unsubscr...@googlegroups.com 
<mailto:puppet-users+unsubscr...@googlegroups.com> .
 To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/51b5a4bd-0e18-42c9-8cc3-9b77bcfd4218%40googlegroups.com.
 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/zarafa.5e553d3f.4927.3fd0a0df5a56792e%40anjie.dontpanic.nl.

Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-02-25 Thread Henrik Lindberg


On 2020-02-25 13:42, Dan Crisp wrote:
I included the --compile option.  Now (not sure whether as a result of 
use --option) I can 
see/etc/puppetlabs/code/environments/production/data/nodes/nodename.domain.com.yaml 
in the output:




Probably because you got a run done by the agent?
Anyway - first step, make sure you see the expected paths being read.
Then, for the file where you expect the key to be found and produce a 
value, do check the content of that file - is it valid yaml, is it 
representing what you think it represents?


best,
- henrik



Searching for "lookup_options"
   Global Data Provider (hiera configuration version 5)
     No such key: "lookup_options"
   Environment Data Provider (hiera configuration version 5)
     Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"

     Merge strategy hash
       Hierarchy entry "Per-node data"
         Path 
"/etc/puppetlabs/code/environments/production/data/nodes/nodename.fixnetix.com.yaml"

           Original path: "nodes/%{trusted.certname}.yaml"
           No such key: "lookup_options"
       Hierarchy entry "Per-OS defaults"
         Path 
"/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"

           Original path: "os/%{facts.os.family}.yaml"
           Path not found
       Hierarchy entry "Common data"
         Path 
"/etc/puppetlabs/code/environments/production/data/common.yaml"

           Original path: "common.yaml"
           Path not found
Searching for "match_address"
   Global Data Provider (hiera configuration version 5)
     No such key: "match_address"
   Environment Data Provider (hiera configuration version 5)
     Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"

     Hierarchy entry "Per-node data"
       Path 
"/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvmtrrsl01.fixnetix.com.yaml"

         Original path: "nodes/%{trusted.certname}.yaml"
         No such key: "match_address"
     Hierarchy entry "Per-OS defaults"
       Path 
"/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"

         Original path: "os/%{facts.os.family}.yaml"
         Path not found
     Hierarchy entry "Common data"
       Path "/etc/puppetlabs/code/environments/production/data/common.yaml"
         Original path: "common.yaml"
         Path not found
Function lookup() did not find a value for the name 'match_address'

Still no luck finding the requested value though.

Thanks,
Dan.

On Monday, February 24, 2020 at 7:13:25 PM UTC, Henrik Lindberg wrote:

Dan Crisp wrote:
 >  environment/production/data/nodes/nodename.domain.com.yaml
As you can see in the output - the hiera path expanded to:

    Path
"/etc/puppetlabs/code/environments/production/data/nodes/.yaml"

Meaning that trusted.certname was empty. It would be empty if the node
"nodename.domain.com " never checked in
with the puppet server to deposit
any facts. It will do that on its first agent run though.

Meanwhile you have to supply your own facts (and trusted) to do lookups
as it will be done when the node later requests a catalog. Look at the
help for the various flags to the lookup command to learn how to
give it
values for facts and trusted information.

- henrik


-- 


Visit my Blog "Puppet on the Edge"
http://puppet-on-the-edge.blogspot.se/


--
You received this message because you are subscribed to the Google 
Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to puppet-users+unsubscr...@googlegroups.com 
.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/51b5a4bd-0e18-42c9-8cc3-9b77bcfd4218%40googlegroups.com 
.



--

Visit my Blog "Puppet on the Edge"
http://puppet-on-the-edge.blogspot.se/

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/r335k6%24c2e%241%40ciao.gmane.io.

Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-02-25 Thread Dan Crisp

I included the --compile option.  Now (not sure whether as a result of use 
--option) I can see 
/etc/puppetlabs/code/environments/production/data/nodes/nodename.domain.com.yaml
 
in the output:

Searching for "lookup_options"
  Global Data Provider (hiera configuration version 5)
No such key: "lookup_options"
  Environment Data Provider (hiera configuration version 5)
Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"
Merge strategy hash
  Hierarchy entry "Per-node data"
Path 
"/etc/puppetlabs/code/environments/production/data/nodes/nodename.fixnetix.com.yaml"
  Original path: "nodes/%{trusted.certname}.yaml"
  No such key: "lookup_options"
  Hierarchy entry "Per-OS defaults"
Path 
"/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"
  Original path: "os/%{facts.os.family}.yaml"
  Path not found
  Hierarchy entry "Common data"
Path "/etc/puppetlabs/code/environments/production/data/common.yaml"
  Original path: "common.yaml"
  Path not found
Searching for "match_address"
  Global Data Provider (hiera configuration version 5)
No such key: "match_address"
  Environment Data Provider (hiera configuration version 5)
Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"
Hierarchy entry "Per-node data"
  Path 
"/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvmtrrsl01.fixnetix.com.yaml"
Original path: "nodes/%{trusted.certname}.yaml"
No such key: "match_address"
Hierarchy entry "Per-OS defaults"
  Path 
"/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"
Original path: "os/%{facts.os.family}.yaml"
Path not found
Hierarchy entry "Common data"
  Path "/etc/puppetlabs/code/environments/production/data/common.yaml"
Original path: "common.yaml"
Path not found
Function lookup() did not find a value for the name 'match_address'

Still no luck finding the requested value though.

Thanks,
Dan.

On Monday, February 24, 2020 at 7:13:25 PM UTC, Henrik Lindberg wrote:
>
> Dan Crisp wrote: 
> >  environment/production/data/nodes/nodename.domain.com.yaml 
> As you can see in the output - the hiera path expanded to: 
>
>Path "/etc/puppetlabs/code/environments/production/data/nodes/.yaml" 
>
> Meaning that trusted.certname was empty. It would be empty if the node 
> "nodename.domain.com" never checked in with the puppet server to deposit 
> any facts. It will do that on its first agent run though. 
>
> Meanwhile you have to supply your own facts (and trusted) to do lookups 
> as it will be done when the node later requests a catalog. Look at the 
> help for the various flags to the lookup command to learn how to give it 
> values for facts and trusted information. 
>
> - henrik 
>
>
> -- 
>
> Visit my Blog "Puppet on the Edge" 
> http://puppet-on-the-edge.blogspot.se/ 
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/51b5a4bd-0e18-42c9-8cc3-9b77bcfd4218%40googlegroups.com.

Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-02-24 Thread Henrik Lindberg


Dan Crisp wrote:
 environment/production/data/nodes/nodename.domain.com.yaml 

As you can see in the output - the hiera path expanded to:

  Path "/etc/puppetlabs/code/environments/production/data/nodes/.yaml"

Meaning that trusted.certname was empty. It would be empty if the node 
"nodename.domain.com" never checked in with the puppet server to deposit 
any facts. It will do that on its first agent run though.


Meanwhile you have to supply your own facts (and trusted) to do lookups 
as it will be done when the node later requests a catalog. Look at the 
help for the various flags to the lookup command to learn how to give it

values for facts and trusted information.

- henrik


--

Visit my Blog "Puppet on the Edge"
http://puppet-on-the-edge.blogspot.se/

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/r31785%241ub%241%40ciao.gmane.io.

Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-02-24 Thread Dan Crisp

Hello Henrik, thanks for your reply.  This file:

environment/production/data/nodes/nodename.domain.com.yaml 

On Monday, February 24, 2020 at 4:26:37 PM UTC, Henrik Lindberg wrote:
>
> On 2020-02-24 17:06, Dan Crisp wrote: 
> > Hello all, 
> > 
> > Strugling to get started with Hiera (all new to me): 
> > 
>
> First glance that looks ok, as you can see it is not finding your key in 
> any of the resulting paths. From where (which data file) was it supposed 
> to find the key you looked up? 
>
> Best, 
> - henrik 
>
>
> > # more /etc/puppetlabs/puppet/hiera.yaml 
> > --- 
> > *# Hiera 5 Global configuration file* 
> > 
> > version: 5 
> > 
> > # defaults: 
> > #   data_hash: yaml_data 
> > # hierarchy: 
> > #  - name: Common 
> > #data_hash: yaml_data 
> > hierarchy: [] 
> > 
> > # more environments/production/hiera.yaml 
> > --- 
> > version: 5 
> > defaults: 
> ># The default value for "datadir" is "data" under the same directory 
> > as the hiera.yaml 
> ># file (this file) 
> ># When specifying a datadir, make sure the directory exists. 
> ># See https://puppet.com/docs/puppet/latest/environments_about.html 
> > for further details on environments. 
> > datadir: data 
> > data_hash: yaml_data 
> > hierarchy: 
> >- name: "Per-node data"   # Human-readable name. 
> >  path: "nodes/%{trusted.certname}.yaml"  # File path, relative to 
> > datadir. 
> > 
> >- name: "Per-OS defaults" 
> >  path: "os/%{facts.os.family}.yaml" 
> > 
> >- name: "Common data" 
> >  path: "common.yaml" 
> > 
> > # more environment/production/data/nodes/nodename.domain.com.yaml 
> > --- 
> > sshdconfig: 
> >match_address: "xx.xx.xx.xx" 
> >permit_root_login: without-password 
> > 
> > 
> > I don't have many modules: 
> > 
> > # puppet module list 
> > Warning: Module 'puppetlabs-stdlib' (v6.1.0) fails to meet some 
> > dependencies: 
> >'saz-timezone' (v5.1.1) requires 'puppetlabs-stdlib' (>=2.6.0 < 
> 6.0.0) 
> > Warning: Missing dependency 'stm-debconf': 
> >'saz-timezone' (v5.1.1) requires 'stm-debconf' (>= 2.0.0 < 3.0.0) 
> > /etc/puppetlabs/code/environments/production/modules 
> > ├── fixnetix-base (v0.1.0) 
> > ├── puppet-selinux (v3.0.0) 
> > ├── puppetlabs-stdlib (v6.1.0) 
> > └── saz-timezone (v5.1.1) 
> > /etc/puppetlabs/code/modules (no modules installed) 
> > /opt/puppetlabs/puppet/modules (no modules installed) 
> > 
> > # ls environments/production/modules/base/ 
> > appveyor.yml  CHANGELOG.md  data  examples  files  Gemfile   
> > Gemfile.lock  hiera.yaml  manifests  metadata.json  Rakefile  README.md 
>   
> > spec  tasks  templates 
> > 
> > The moduleshiera.yaml is as follows: 
> > 
> > # cat environments/production/modules/base/hiera.yaml 
> > --- 
> > version: 5 
> > 
> > defaults:  # Used for any hierarchy level that omits these keys. 
> >datadir: data # This path is relative to hiera.yaml's 
> directory. 
> >data_hash: yaml_data  # Use the built-in YAML backend. 
> > 
> > hierarchy: 
> >- name: "osfamily/major release" 
> >  paths: 
> >- "os/%{facts.os.family}/%{facts.os.release.major}.yaml" 
> >  # Used for Solaris 
> >- "os/%{facts.os.family}/%{facts.kernelrelease}.yaml" 
> >  # Used to distinguish between Debian and Ubuntu 
> >- "os/%{facts.os.name}/%{facts.os.release.major}.yaml" 
> >- name: "nodes" 
> >- "nodes/%{trusted.certname}.yaml" 
> >- name: "osfamily" 
> >  paths: 
> >- "os/%{facts.os.family}.yaml" 
> >- "os/%{facts.os.name}.yaml" 
> >- name: 'common' 
> >  path: 'common.yaml' 
> > 
> > I get following returned when I lookup: 
> > 
> > # puppet lookup match_address --node nodename.domain.com.yaml --explain 
> > 
> > Searching for "lookup_options" 
> >Global Data Provider (hiera configuration version 5) 
> >  No such key: "lookup_options" 
> >Environment Data Provider (hiera configuration version 5) 
> >  Using configuration 
> > "/etc/puppetlabs/code/environments/production/hiera.yaml" 
> >  Merge strategy hash 
> >Hierarchy entry "Per-node data" 
> >  Path 
> > "/etc/puppetlabs/code/environments/production/data/nodes/.yaml" 
> >Original path: "nodes/%{trusted.certname}.yaml" 
> >Path not found 
> >Hierarchy entry "Per-OS defaults" 
> >  Path 
> "/etc/puppetlabs/code/environments/production/data/os/.yaml" 
> >Original path: "os/%{facts.os.family}.yaml" 
> >Path not found 
> >Hierarchy entry "Common data" 
> >  Path 
> > "/etc/puppetlabs/code/environments/production/data/common.yaml" 
> >Original path: "common.yaml" 
> >Path not found 
> > Searching for "match_address" 
> >Global Data Provider (hiera configuration version 5) 
> >  No such key: "match_address" 
> >Environment Data Provider (hiera configuration version 5) 
> >  Using configuration 
> > "/etc

Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-02-24 Thread Henrik Lindberg


On 2020-02-24 17:06, Dan Crisp wrote:

Hello all,

Strugling to get started with Hiera (all new to me):



First glance that looks ok, as you can see it is not finding your key in
any of the resulting paths. From where (which data file) was it supposed 
to find the key you looked up?


Best,
- henrik



# more /etc/puppetlabs/puppet/hiera.yaml
---
*# Hiera 5 Global configuration file*

version: 5

# defaults:
#   data_hash: yaml_data
# hierarchy:
#  - name: Common
#    data_hash: yaml_data
hierarchy: []

# more environments/production/hiera.yaml
---
version: 5
defaults:
   # The default value for "datadir" is "data" under the same directory 
as the hiera.yaml

   # file (this file)
   # When specifying a datadir, make sure the directory exists.
   # See https://puppet.com/docs/puppet/latest/environments_about.html 
for further details on environments.

    datadir: data
    data_hash: yaml_data
hierarchy:
   - name: "Per-node data"                   # Human-readable name.
     path: "nodes/%{trusted.certname}.yaml"  # File path, relative to 
datadir.


   - name: "Per-OS defaults"
     path: "os/%{facts.os.family}.yaml"

   - name: "Common data"
     path: "common.yaml"

# more environment/production/data/nodes/nodename.domain.com.yaml
---
sshdconfig:
   match_address: "xx.xx.xx.xx"
   permit_root_login: without-password


I don't have many modules:

# puppet module list
Warning: Module 'puppetlabs-stdlib' (v6.1.0) fails to meet some 
dependencies:

   'saz-timezone' (v5.1.1) requires 'puppetlabs-stdlib' (>=2.6.0 < 6.0.0)
Warning: Missing dependency 'stm-debconf':
   'saz-timezone' (v5.1.1) requires 'stm-debconf' (>= 2.0.0 < 3.0.0)
/etc/puppetlabs/code/environments/production/modules
├── fixnetix-base (v0.1.0)
├── puppet-selinux (v3.0.0)
├── puppetlabs-stdlib (v6.1.0)
└── saz-timezone (v5.1.1)
/etc/puppetlabs/code/modules (no modules installed)
/opt/puppetlabs/puppet/modules (no modules installed)

# ls environments/production/modules/base/
appveyor.yml  CHANGELOG.md  data  examples  files  Gemfile  
Gemfile.lock  hiera.yaml  manifests  metadata.json  Rakefile  README.md  
spec  tasks  templates


The moduleshiera.yaml is as follows:

# cat environments/production/modules/base/hiera.yaml
---
version: 5

defaults:  # Used for any hierarchy level that omits these keys.
   datadir: data         # This path is relative to hiera.yaml's directory.
   data_hash: yaml_data  # Use the built-in YAML backend.

hierarchy:
   - name: "osfamily/major release"
     paths:
       - "os/%{facts.os.family}/%{facts.os.release.major}.yaml"
         # Used for Solaris
       - "os/%{facts.os.family}/%{facts.kernelrelease}.yaml"
         # Used to distinguish between Debian and Ubuntu
       - "os/%{facts.os.name}/%{facts.os.release.major}.yaml"
   - name: "nodes"
       - "nodes/%{trusted.certname}.yaml"
   - name: "osfamily"
     paths:
       - "os/%{facts.os.family}.yaml"
       - "os/%{facts.os.name}.yaml"
   - name: 'common'
     path: 'common.yaml'

I get following returned when I lookup:

# puppet lookup match_address --node nodename.domain.com.yaml --explain

Searching for "lookup_options"
   Global Data Provider (hiera configuration version 5)
     No such key: "lookup_options"
   Environment Data Provider (hiera configuration version 5)
     Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"

     Merge strategy hash
       Hierarchy entry "Per-node data"
         Path 
"/etc/puppetlabs/code/environments/production/data/nodes/.yaml"

           Original path: "nodes/%{trusted.certname}.yaml"
           Path not found
       Hierarchy entry "Per-OS defaults"
         Path "/etc/puppetlabs/code/environments/production/data/os/.yaml"
           Original path: "os/%{facts.os.family}.yaml"
           Path not found
       Hierarchy entry "Common data"
         Path 
"/etc/puppetlabs/code/environments/production/data/common.yaml"

           Original path: "common.yaml"
           Path not found
Searching for "match_address"
   Global Data Provider (hiera configuration version 5)
     No such key: "match_address"
   Environment Data Provider (hiera configuration version 5)
     Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"

     Hierarchy entry "Per-node data"
       Path "/etc/puppetlabs/code/environments/production/data/nodes/.yaml"
         Original path: "nodes/%{trusted.certname}.yaml"
         Path not found
     Hierarchy entry "Per-OS defaults"
       Path "/etc/puppetlabs/code/environments/production/data/os/.yaml"
         Original path: "os/%{facts.os.family}.yaml"
         Path not found
     Hierarchy entry "Common data"
       Path "/etc/puppetlabs/code/environments/production/data/common.yaml"
         Original path: "common.yaml"
         Path not found
Function lookup() did not find a value for the name 'match_address'

--
You received this message because you are subscribed to the Google 
Groups "Puppet Users" group.
To unsubscribe from this gr

[Puppet Users] Hiera Setup Lookup Complaining

2020-02-24 Thread Dan Crisp

Hello all,

Strugling to get started with Hiera (all new to me):

# more /etc/puppetlabs/puppet/hiera.yaml
---
*# Hiera 5 Global configuration file*

version: 5

# defaults:
#   data_hash: yaml_data
# hierarchy:
#  - name: Common
#data_hash: yaml_data
hierarchy: []

# more environments/production/hiera.yaml
---
version: 5
defaults:
  # The default value for "datadir" is "data" under the same directory as 
the hiera.yaml
  # file (this file)
  # When specifying a datadir, make sure the directory exists.
  # See https://puppet.com/docs/puppet/latest/environments_about.html for 
further details on environments.
   datadir: data
   data_hash: yaml_data
hierarchy:
  - name: "Per-node data"   # Human-readable name.
path: "nodes/%{trusted.certname}.yaml"  # File path, relative to 
datadir.

  - name: "Per-OS defaults"
path: "os/%{facts.os.family}.yaml"

  - name: "Common data"
path: "common.yaml"

# more environment/production/data/nodes/nodename.domain.com.yaml
---
sshdconfig:
  match_address: "xx.xx.xx.xx"
  permit_root_login: without-password


I don't have many modules:

# puppet module list
Warning: Module 'puppetlabs-stdlib' (v6.1.0) fails to meet some 
dependencies:
  'saz-timezone' (v5.1.1) requires 'puppetlabs-stdlib' (>=2.6.0 < 6.0.0)
Warning: Missing dependency 'stm-debconf':
  'saz-timezone' (v5.1.1) requires 'stm-debconf' (>= 2.0.0 < 3.0.0)
/etc/puppetlabs/code/environments/production/modules
├── fixnetix-base (v0.1.0)
├── puppet-selinux (v3.0.0)
├── puppetlabs-stdlib (v6.1.0)
└── saz-timezone (v5.1.1)
/etc/puppetlabs/code/modules (no modules installed)
/opt/puppetlabs/puppet/modules (no modules installed)

# ls environments/production/modules/base/
appveyor.yml  CHANGELOG.md  data  examples  files  Gemfile  Gemfile.lock  
hiera.yaml  manifests  metadata.json  Rakefile  README.md  spec  tasks  
templates

The modules hiera.yaml is as follows:

# cat environments/production/modules/base/hiera.yaml
---
version: 5

defaults:  # Used for any hierarchy level that omits these keys.
  datadir: data # This path is relative to hiera.yaml's directory.
  data_hash: yaml_data  # Use the built-in YAML backend.

hierarchy:
  - name: "osfamily/major release"
paths:
  - "os/%{facts.os.family}/%{facts.os.release.major}.yaml"
# Used for Solaris
  - "os/%{facts.os.family}/%{facts.kernelrelease}.yaml"
# Used to distinguish between Debian and Ubuntu
  - "os/%{facts.os.name}/%{facts.os.release.major}.yaml"
  - name: "nodes"
  - "nodes/%{trusted.certname}.yaml"
  - name: "osfamily"
paths:
  - "os/%{facts.os.family}.yaml"
  - "os/%{facts.os.name}.yaml"
  - name: 'common'
path: 'common.yaml'

I get following returned when I lookup:

# puppet lookup match_address --node nodename.domain.com.yaml --explain

Searching for "lookup_options"
  Global Data Provider (hiera configuration version 5)
No such key: "lookup_options"
  Environment Data Provider (hiera configuration version 5)
Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"
Merge strategy hash
  Hierarchy entry "Per-node data"
Path "/etc/puppetlabs/code/environments/production/data/nodes/.yaml"
  Original path: "nodes/%{trusted.certname}.yaml"
  Path not found
  Hierarchy entry "Per-OS defaults"
Path "/etc/puppetlabs/code/environments/production/data/os/.yaml"
  Original path: "os/%{facts.os.family}.yaml"
  Path not found
  Hierarchy entry "Common data"
Path "/etc/puppetlabs/code/environments/production/data/common.yaml"
  Original path: "common.yaml"
  Path not found
Searching for "match_address"
  Global Data Provider (hiera configuration version 5)
No such key: "match_address"
  Environment Data Provider (hiera configuration version 5)
Using configuration 
"/etc/puppetlabs/code/environments/production/hiera.yaml"
Hierarchy entry "Per-node data"
  Path "/etc/puppetlabs/code/environments/production/data/nodes/.yaml"
Original path: "nodes/%{trusted.certname}.yaml"
Path not found
Hierarchy entry "Per-OS defaults"
  Path "/etc/puppetlabs/code/environments/production/data/os/.yaml"
Original path: "os/%{facts.os.family}.yaml"
Path not found
Hierarchy entry "Common data"
  Path "/etc/puppetlabs/code/environments/production/data/common.yaml"
Original path: "common.yaml"
Path not found
Function lookup() did not find a value for the name 'match_address'

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/795b8faa-ab78-4576-b8b8-ad31eba2c4e8%40googlegroups.com.

[Puppet Users] Hiera value not being passed

2019-10-02 Thread Jagga Soorma

Hello,

I am testing out hiera and trying to pass some hiera values to a
module so that it can do specific tasks for a given node which does
not seem to be working.  Here is my setup:

--
# puppet lookup
--hiera_config=/root/test/puppetlabs/code/environments/production/hiera.yaml
nodetype
--- mgmt

# puppet apply 
--hiera_config=/root/test/puppetlabs/code/environments/production/hiera.yaml
--modulepath /root/test/puppetlabs/code/environments/production/modules
/root/test/puppetlabs/code/environments/production/manifests/site.pp
Warning: The function 'hiera_include' is deprecated in favor of using
'lookup'. See https://puppet.com/docs/puppet/6.9/deprecated_language.html
   (file & line not available)
Error: Evaluation Error: Error while evaluating a Function Call,
Class[Foo]: expects a value for parameter 'nodetype' (file:
/root/test/puppetlabs/code/environments/production/manifests/site.pp,
line: 2, column: 3) on node node1.test.org

# cat /root/test/puppetlabs/code/environments/production/hiera.yaml |
grep -v '#'
---
version: 5
defaults:
  datadir: data
  data_hash: yaml_data
hierarchy:
- name: "Yaml heirarchy"
  data_hash: yaml_data
  paths:
- "nodes/%{facts.networking.fqdn}.yaml"
- "roles/common.yaml"
- 'common.yaml'

# cat 
/root/test/puppetlabs/code/environments/production/data/nodes/node1.test.org.yaml
---
nodetype: 'mgmt'
classes:
 - foo

# cat /root/test/puppetlabs/code/environments/production/manifests/site.pp
node default {
  hiera_include('classes')
}

# cat 
/root/test/puppetlabs/code/environments/production/modules/foo/manifests/init.pp
class foo (
  String $nodetype,
){
  if $nodetype == 'mgmt' {
file { "/tmp/hello":
  ensure => file,
  source => 'puppet:///modules/foo/hello.mgmt',
}
  }
  elsif $nodetype == 'login' {
file { '/tmp/hello':
  ensure => file,
  source => 'puppet:///modules/foo/hello.login',
}
  }
}
--

Not sure what I am missing here, but any guidance would be helpful.
Also, let me know if there is a better way to tackle this.

Thanks,
-J

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAKyjK52YXktitNNd-CL8Te0pLZ5Gw2WNVdusa4-Hd_Wje7EfYw%40mail.gmail.com.

Re: [Puppet Users] Hiera and precedence

2019-01-18 Thread Henrik Lindberg


On 2019-01-17 18:40, Peter Berghold wrote:
I'm having a revertment to my noob days with respect to how hiera 
works.  (Version 3 for now)


If I have the hierarchy of

- common
- nodes/"%{fqdn}"
- datacenter/"%{fdatacenter}"

if in common.yaml I have "module::parms::server: server1" and in 
nodes/myclient.yaml I have "module::parms::server: server2" and in 
datacenter/NYCA.yaml (and the host presents NYCA as its datacenter) I 
have "module::parms::server: server3" which value will be presented for 
host myclient?


I could have sworn I read the lower down the list of hierarchy a value 
was it would override the one above it. I just read this morning that 
hiera stops at the first value it finds which is a bit of a problem for 
what I'm trying to accomplish.




Hiera has always gone from top to bottom in the list in hiera.yaml
and it returns the first found.

You want "common" (the default) to be last in the list.

- henrik

--

Visit my Blog "Puppet on the Edge"
http://puppet-on-the-edge.blogspot.se/

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/q1s97u%24p5t%241%40blaine.gmane.org.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Hiera and precedence

2019-01-17 Thread 'Dan White' via Puppet Users

I think you have it bass-ackwards 
https://puppet.com/docs/puppet/5.0/hiera_hierarchy.html

"Sometimes I think the surest sign that intelligent life exists elsewhere in 
the universe is that none of it has tried to contact us."
Bill Waterson (Calvin & Hobbes)

> On Jan 17, 2019, at 12:40 PM, Peter Berghold  wrote:
> 
> I'm having a revertment to my noob days with respect to how hiera works.  
> (Version 3 for now) 
> 
> If I have the hierarchy of 
> 
> - common
> - nodes/"%{fqdn}"
> - datacenter/"%{fdatacenter}"
> 
> if in common.yaml I have "module::parms::server: server1" and in 
> nodes/myclient.yaml I have "module::parms::server: server2" and in 
> datacenter/NYCA.yaml (and the host presents NYCA as its datacenter) I have 
> "module::parms::server: server3" which value will be presented for host 
> myclient? 
> 
> I could have sworn I read the lower down the list of hierarchy a value was it 
> would override the one above it. I just read this morning that hiera stops at 
> the first value it finds which is a bit of a problem for what I'm trying to 
> accomplish.
> 
> 
> 
> -- 
> 
> Peter L. Berghold   salty.cowd...@gmail.com
> http://science-fiction.berghold.net
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/CAArvnv0%2BApOXSmMJfTVOpLAH4%2Bx7uZ5dSa84mibO_%2BDr2yMD%2BQ%40mail.gmail.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/417DD705-5A11-433D-B11F-63203A264EF6%40icloud.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Hiera and precedence

2019-01-17 Thread Peter Berghold

I'm having a revertment to my noob days with respect to how hiera works.
(Version 3 for now)

If I have the hierarchy of

- common
- nodes/"%{fqdn}"
- datacenter/"%{fdatacenter}"

if in common.yaml I have "module::parms::server: server1" and in
nodes/myclient.yaml I have "module::parms::server: server2" and in
datacenter/NYCA.yaml (and the host presents NYCA as its datacenter) I have
"module::parms::server: server3" which value will be presented for host
myclient?

I could have sworn I read the lower down the list of hierarchy a value was
it would override the one above it. I just read this morning that hiera
stops at the first value it finds which is a bit of a problem for what I'm
trying to accomplish.



-- 

Peter L. Berghold   salty.cowd...@gmail.com

h ttp://science-fiction.berghold.net

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAArvnv0%2BApOXSmMJfTVOpLAH4%2Bx7uZ5dSa84mibO_%2BDr2yMD%2BQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Hiera mod not working

2018-08-02 Thread John

I've got a puppet instance where I'm trying to setup a hiera job to modify
a file managed by puppet. The file is /etc/security/access.conf. The file
looks like (some details removed):

[root@util nodes]# more hostx.yaml
X::os::auth::access: '+ : USERACCOUNT : ALL'
X::os::auth::access: '- :ALL EXCEPT root wheel jboss G X-wheel
X-local-it X-net-admin X-app-admin X-app-support : ALL
EXCEPT LOCAL'

[root@util nodes]#

it does not work. Here is a Hiera config that does work:

[root@util nodes]# more hostz.yaml
X::os::timezone::zone: 'US/Central'
[root@util nodes]#

If I run puppet agent with a --verbose I get the following (snippet) in the
output:

Debug:
/Stage[main]/X::Os::Auth::App/X::Os::Auth::Access[app_access]/Concat::Fragment[frag_sec_access_app_access]/File[/opt/puppetlabs/puppet/cache/concat/_etc_security_access.conf/fragments/200_frag_sec_access_app_access]:

Adding autorequire relationship with
File[/opt/puppetlabs/puppet/cache/concat/_etc_security_access.conf/fragments]

The timezone mod works, but not the one for /etc/security/access.conf. Any
advice or hints would be appreciated.

TIA

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/c35b9f02-f52e-41b3-8e68-0d73aef66e8d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Hiera and nested / reuse variables

2018-07-13 Thread Helmut Schneider

Angel L. Mateo wrote:

> El 21/06/18 a las 14:32, Helmut Schneider escribió:
> > Hi,
> > 
> > common.yaml:
> > 
> > profiles:
> >mailserver:
> >  postfix:
> >instances:
> >  postfix-in:
> >instance_path: '/etc/postfix-in'
> >other_path:"%{instance_path}"  <= required
> > 
> > Is it possible to nest both variables somehow? Or alternatively from
> > common.pp:
> 
> common.yaml:
> 
> instance_path: '/etc/postfix-in'
> profile:
>mailserver:
>  postfix:
>instances:
>  postfix-in:
>instance_path: "%{hiera('instance_path')}"
>other_path:"%{hiera('instance_path')}"
> 

I tried

profile:
  mailserver:
postfix:
  instances:
postfix-in:
  instance_path: '/etc/posfix-in'
  other_path:
"%{hiera('profile::mailserver::postifx::instances::postfix-in::instance_
path')}"

which gives an empty value.

> or, if you want to reuse value in the same file:
> 
>instance_path: &instance_path '/etc/postfix-in'
>other_path: *instance_path

This works but can I also construct a string here? Like

  instance_path: &instance_path '/etc/postfix-in'
  other_path: "*instance_path something_else"

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/xn0lcer7hvrowur002%40news.gmane.org.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Hiera and nested / reuse variables

2018-06-21 Thread Angel L. Mateo


El 21/06/18 a las 14:32, Helmut Schneider escribió:

Hi,

common.yaml:

profiles:
   mailserver:
 postfix:
   instances:
 postfix-in:
   instance_path: '/etc/postfix-in'
   other_path:"%{instance_path}"  <= required

Is it possible to nest both variables somehow? Or alternatively from
common.pp:


common.yaml:

instance_path: '/etc/postfix-in'
profile:
  mailserver:
postfix:
  instances:
postfix-in:
  instance_path: "%{hiera('instance_path')}"
  other_path:"%{hiera('instance_path')}"

or, if you want to reuse value in the same file:

  instance_path: &instance_path '/etc/postfix-in'
  other_path: *instance_path



Can I somehow use $instance_path from common.pp in common.yaml?


I don't think so. hiera is processed before catalog compilation.

--
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información
y las Comunicaciones Aplicadas (ATICA)
http://www.um.es/atica
Tfo: 868889150
Fax: 86337

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/1f797a41-60ce-14f3-c2b0-4c2840dece50%40um.es.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Hiera and nested / reuse variables

2018-06-21 Thread Helmut Schneider

Hi,

common.yaml:

profiles:
  mailserver:
postfix:
  instances:
postfix-in:
  instance_path: '/etc/postfix-in'
  other_path:"%{instance_path}"  <= required

Is it possible to nest both variables somehow? Or alternatively from
common.pp:

$instance_path =
$profiles['mailserver']['postfix']['instances'][postfix-in]['instance_pa
th']

Can I somehow use $instance_path from common.pp in common.yaml?

helmut@puppet:~$ sudo puppet agent -V
4.10.12
helmut@puppet:~$

Thank you!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/xn0lbgz1d8mkmi000%40news.gmane.org.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Hiera: Using multiple facts in one path

2018-06-12 Thread Henrik Lindberg


On 2018-06-13 08:19, Dirk Heinrichs wrote:

Hi,

is this possible? For example:

:hierarchy:

   - "kernel/%{::kernel}/%{::kernelmajversion}"

   - "kernel/%{::kernel}"

   - common



yes
- henrik


Thanks...

     Dirk
--


Visit my Blog "Puppet on the Edge"
http://puppet-on-the-edge.blogspot.se/

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/pfqe8g%246g6%241%40blaine.gmane.org.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Hiera: Using multiple facts in one path

2018-06-12 Thread Dirk Heinrichs

Hi,

is this possible? For example:

:hierarchy:
- "kernel/%{::kernel}/%{::kernelmajversion}"
- "kernel/%{::kernel}"
- common

Thanks...

Dirk

Dirk Heinrichs
Senior Systems Engineer, Delivery Pipeline
OpenText (tm) Discovery | Recommind
Email: dhein...@opentext.com
Website: www.recommind.de
Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
Vertretungsberechtigte Geschäftsführer John Marshall Doolittle, Gordon Davies,
Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646
This e-mail may contain confidential and/or privileged information. If you are
not the intended recipient (or have received this e-mail in error) please
notify the sender immediately and destroy this e-mail. Any unauthorized
copying, disclosure or distribution of the material in this e-mail is strictly
forbidden
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen.
Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten
haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail.
Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nicht
gestattet.

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/DM3PR15MB0877E4D8DA2217952A70645FAA7E0%40DM3PR15MB0877.namprd15.prod.outlook.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] hiera lookup

2018-05-31 Thread jcbollinger



On Wednesday, May 30, 2018 at 11:01:40 AM UTC-5, Ugo Bellavance wrote:
 

>  
>
>>
>> Of course, where a resource type or class defines default values for its 
>> parameters and those values meet your requirements, it's fine to rely on 
>> those.  You don't necessarily need to explicitly provide a value for every 
>> parameter.  And do note the important distinction between *declaring* a 
>> class or resource, and *defining* a class or resource type.
>>
>
> This is something that I have always had trouble understanding and lacked 
> time to read more on it.  And even if I read on it...
>


The distinction is analogous to that between defining a function and 
calling one.  "Defining" says what the class or type name means:

# Class definition
class mymodule::myclass (String $a_param) {
  notify { "${a_param}": }
}

or

# (Defined) type definition
define mymodule::mytype (String $a_param) {
  notify { "${title}: ${a_param}": }
}

"Declaring" says to actually use the entity:

# A resource-like class declaration
class { 'mymodule::myclass': a_param => 'value' }

# Various include-like class declarations:
include 'mymodule::myclass'
require 'mymodule::myclass'
contain 'mymodule::myclass'

# A resource declaration
mymodule::mytype { 'title': a_param => 'value' }

# A function call that causes a resource to be declared
create_resources('mymodule::mytype', { 'title2' => { 'a_param' => 'value2' } 
})


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/6d6efd06-2bf6-4b70-bcb1-1debcb32e61f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] hiera lookup

2018-05-30 Thread Ugo Bellavance

When I leave just the class declaration it works:
>
>
>> class {'postgresql::server::contrib':
>> }
>>
>
>
> Well if that serves your needs (and it should) then it is better form to 
> use an include-like declaration instead:
>
> include 'postgresql::server::contrib'
>
> But that's mostly a style consideration.  It will affect behavior only if 
> now or in the future there is a(nother) resource-like declaration of that 
> class somewhere in your manifest set.
>
>
Excellent.
 

>
> Is there a way to have the class declaration in hiera? I tried using this 
>> at the top of my yaml file but it didn't work:
>>
>> ---
>> classes:
>>   - postgresql::server::contrib
>>
>
>
> Hiera just provides data and metadata.  It does not have any inherent 
> behavior associated.
>
> But that absolutely can have the form of an array of class names, which 
> can even be spread across multiple hierarchy levels, and you can use that 
> array to declare the named classes.  The old way was to use the 
> hiera_include() function in one of your manifests, but in recent Puppet 
> (4.x and later) you should be using the lookup() function and regular 
> include() function:
>
> include(lookup('classes', Array[String], 'unique', []))
>
>  
>
>>  
>>
>>>  
>>>
 So class parameters are automatically looked up in hiera, but define 
 parameters (or whatever name it is for objects) is not?

>>>
>>>
>>> That is correct.  There are good reasons for it, but a discussion of 
>>> those would be tangential.  If you're interested, you can find at least one 
>>> such discussion in the archives of this group.
>>>
>>>  
>> Ok thanks,
>>
>> Are the modules supposed to manage that or the user? 
>>
>
>
> Whoever declares a resource instance or a class is responsible for binding 
> the appropriate values to its parameters.  In particular, modules are 
> responsible for binding appropriate data to the resources and classes that 
> they declare internally, but you are responsible for binding values to the 
> resources and classes that you declare, regardless of where the class or 
> resource type is *defined*, and, for resources, regardless of whether 
> they are of plug-in or defined type.  If one interprets "the user" as 
> "whoever is responsible for the declaration" on an entity-by-entity basis, 
> then that simplifies to the user being responsible for managing parameters.
>

I see.  During my testing I found out that if I use create_resources and 
put nothing about it, it throws an error.
 

>
> Of course, where a resource type or class defines default values for its 
> parameters and those values meet your requirements, it's fine to rely on 
> those.  You don't necessarily need to explicitly provide a value for every 
> parameter.  And do note the important distinction between *declaring* a 
> class or resource, and *defining* a class or resource type.
>

This is something that I have always had trouble understanding and lacked 
time to read more on it.  And even if I read on it...
 

>
>
> John
>
>
Thanks John.  You and Arnau are simply amazing. I say something similar 
almost every time I post on this group, but this group provide better 
support than *any* of our software/hardware vendors. Faster support, and of 
better quality. Kudos to all the people who participate here.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/17e6e035-8fa4-48a0-8b78-e4e6752f6b37%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] hiera lookup

2018-05-30 Thread jcbollinger

On Tuesday, May 29, 2018 at 1:04:10 PM UTC-5, Ugo Bellavance wrote:
>
> That's awfully surprising if those data appear in an Hiera data file from 
>> which you are successfully loading other data.  If that is in fact 
>> happening then the most likely reason would be that a resource-like class 
>> declaration for that class somewhere in your manifest set is explicitly 
>> declaring different parameter values for that class (in which case the 
>> Hiera data will not be consulted).  But if that were the case, then I would 
>> expect Puppet to raise an error when you added your own resource-like 
>> declaration of the same class.  Another possibility is that there are 
>> conflicting data in some higher-priority level of your data hierarchy, but 
>> that would be surprising considering how you arrived where you now are.
>>
>> My best guess, therefore, is that the file in which you placed the 
>> parameter data is not being consulted at all for the node in question (so 
>> that in fact you are *not* successfully loading other data from it, 
>> either).
>>
>>
> I'm testing with a minimal setup, just to make sure.
>
> I have one manifest, site.pp, that I call locally (no server), and one 
> hiera file, common.yaml.
>
> I found it.  I stupidly commented the whole class declaration in site.pp.
>
> When I leave just the class declaration it works:
>
> class {'postgresql::server::contrib':
> }
>

Well if that serves your needs (and it should) then it is better form to 
use an include-like declaration instead:

include 'postgresql::server::contrib'

But that's mostly a style consideration.  It will affect behavior only if 
now or in the future there is a(nother) resource-like declaration of that 
class somewhere in your manifest set.

Is there a way to have the class declaration in hiera? I tried using this 
> at the top of my yaml file but it didn't work:
>
> ---
> classes:
>   - postgresql::server::contrib
>

Hiera just provides data and metadata.  It does not have any inherent 
behavior associated.

But that absolutely can have the form of an array of class names, which can 
even be spread across multiple hierarchy levels, and you can use that array 
to declare the named classes.  The old way was to use the hiera_include() 
function in one of your manifests, but in recent Puppet (4.x and later) you 
should be using the lookup() function and regular include() function:

include(lookup('classes', Array[String], 'unique', []))

>  
>
>>  
>>
>>> So class parameters are automatically looked up in hiera, but define 
>>> parameters (or whatever name it is for objects) is not?
>>>
>>
>>
>> That is correct.  There are good reasons for it, but a discussion of 
>> those would be tangential.  If you're interested, you can find at least one 
>> such discussion in the archives of this group.
>>
>>  
> Ok thanks,
>
> Are the modules supposed to manage that or the user? 
>

Whoever declares a resource instance or a class is responsible for binding 
the appropriate values to its parameters.  In particular, modules are 
responsible for binding appropriate data to the resources and classes that 
they declare internally, but you are responsible for binding values to the 
resources and classes that you declare, regardless of where the class or 
resource type is *defined*, and, for resources, regardless of whether they 
are of plug-in or defined type.  If one interprets "the user" as "whoever 
is responsible for the declaration" on an entity-by-entity basis, then that 
simplifies to the user being responsible for managing parameters.

Of course, where a resource type or class defines default values for its 
parameters and those values meet your requirements, it's fine to rely on 
those.  You don't necessarily need to explicitly provide a value for every 
parameter.  And do note the important distinction between *declaring* a 
class or resource, and *defining* a class or resource type.

John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/8d10401a-6703-4d7a-b003-aa82350b7b3a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] hiera lookup

2018-05-29 Thread Ugo Bellavance


>
> That's awfully surprising if those data appear in an Hiera data file from 
> which you are successfully loading other data.  If that is in fact 
> happening then the most likely reason would be that a resource-like class 
> declaration for that class somewhere in your manifest set is explicitly 
> declaring different parameter values for that class (in which case the 
> Hiera data will not be consulted).  But if that were the case, then I would 
> expect Puppet to raise an error when you added your own resource-like 
> declaration of the same class.  Another possibility is that there are 
> conflicting data in some higher-priority level of your data hierarchy, but 
> that would be surprising considering how you arrived where you now are.
>
> My best guess, therefore, is that the file in which you placed the 
> parameter data is not being consulted at all for the node in question (so 
> that in fact you are *not* successfully loading other data from it, 
> either).
>
>
I'm testing with a minimal setup, just to make sure.

I have one manifest, site.pp, that I call locally (no server), and one 
hiera file, common.yaml.

I found it.  I stupidly commented the whole class declaration in site.pp.

When I leave just the class declaration it works:

class {'postgresql::server::contrib':
}


Is there a way to have the class declaration in hiera? I tried using this 
at the top of my yaml file but it didn't work:

---
classes:
  - postgresql::server::contrib
 

>  
>
>> So class parameters are automatically looked up in hiera, but define 
>> parameters (or whatever name it is for objects) is not?
>>
>
>
> That is correct.  There are good reasons for it, but a discussion of those 
> would be tangential.  If you're interested, you can find at least one such 
> discussion in the archives of this group.
>
>  
Ok thanks,

Are the modules supposed to manage that or the user? 

Thanks,

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/b50f0abe-bf50-453e-913c-9baac7802d20%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] hiera lookup

2018-05-29 Thread jcbollinger

On Tuesday, May 29, 2018 at 7:25:11 AM UTC-5, Ugo Bellavance wrote:
>
>
>
> On Tuesday, May 29, 2018 at 6:55:01 AM UTC-4, Arnau wrote:
>>
>>
>>
>> 2018-05-29 12:24 GMT+02:00 Ugo Bellavance :
>>
>>>
>>>
>>> On Tuesday, May 29, 2018 at 5:54:54 AM UTC-4, Arnau wrote:

 Hi,

 postgresql::server::contrib::package_name: 'rh-postgresql96-postgresql-
 contrib'
 postgresql::server::contrib::packages_ensure: present

>>> I don't get the error anymore.  It's not doing what it's supposed but 
>>> I'll look into it. I'll try the same thing with the manifest just to see.
>>>
>>
>> What is it doing ?
>>
>
> It should be install the package with the name specified in 
> postgresql::server::contrib::package_name
>
> Setting the parameters in the manifest works:
>
> class {'postgresql::server::contrib':
>   package_name=> 'rh-postgresql96-postgresql-contrib',
>   package_ensure  => 'present',
> }
>
> But this hiera data doesn't:
>
> postgresql::server::contrib::package_name: 
> 'rh-postgresql96-postgresql-contrib'
> postgresql::server::contrib::packages_ensure: present
>

That's awfully surprising if those data appear in an Hiera data file from 
which you are successfully loading other data.  If that is in fact 
happening then the most likely reason would be that a resource-like class 
declaration for that class somewhere in your manifest set is explicitly 
declaring different parameter values for that class (in which case the 
Hiera data will not be consulted).  But if that were the case, then I would 
expect Puppet to raise an error when you added your own resource-like 
declaration of the same class.  Another possibility is that there are 
conflicting data in some higher-priority level of your data hierarchy, but 
that would be surprising considering how you arrived where you now are.

My best guess, therefore, is that the file in which you placed the 
parameter data is not being consulted at all for the node in question (so 
that in fact you are *not* successfully loading other data from it, either).

> So class parameters are automatically looked up in hiera, but define 
> parameters (or whatever name it is for objects) is not?
>

That is correct.  There are good reasons for it, but a discussion of those 
would be tangential.  If you're interested, you can find at least one such 
discussion in the archives of this group.

John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/2c0d893c-9e75-4fa9-b780-59bcdbc0a671%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] hiera lookup

2018-05-29 Thread Ugo Bellavance



On Tuesday, May 29, 2018 at 6:55:01 AM UTC-4, Arnau wrote:
>
>
>
> 2018-05-29 12:24 GMT+02:00 Ugo Bellavance >:
>
>>
>>
>> On Tuesday, May 29, 2018 at 5:54:54 AM UTC-4, Arnau wrote:
>>>
>>> Hi,
>>>
>>> postgresql::server::contrib::package_name: 'rh-postgresql96-postgresql-
>>> contrib'
>>> postgresql::server::contrib::packages_ensure: present
>>>
>>>
>> I don't get the error anymore.  It's not doing what it's supposed but 
>> I'll look into it. I'll try the same thing with the manifest just to see.
>>
>
> What is it doing ?
>

It should be install the package with the name specified in 
postgresql::server::contrib::package_name

Setting the parameters in the manifest works:

class {'postgresql::server::contrib':
  package_name=> 'rh-postgresql96-postgresql-contrib',
  package_ensure  => 'present',
}

But this hiera data doesn't:

postgresql::server::contrib::package_name: 
'rh-postgresql96-postgresql-contrib'
postgresql::server::contrib::packages_ensure: present

What vesion of pupet/hiera? what version of the postgres module are you 
> using?
>

# puppet -V
4.10.10

# hiera -V
1.3.4

puppetlabs-postgresql (v5.3.0)

I ran puppet in debug mode and when I use the manifest, I can see all the 
entries related to Package[postgresql-contrib], but nothing when using 
hiera.
 

>
>
>
>> But why do we have to use create_resources for the postgresql::server::db 
>> section but all the others are OK? Is it just because 
>> postgresql::server::db is an array?
>>
>
>
> *create_resources*
>
> Converts a hash into a set of resources and adds them to the catalog.
>
> This function takes two mandatory arguments: a resource type, and a hash 
> describing a set of resources. The hash should be in the form {title => 
> {parameters} }:
>
>
> *postgresql::server::db *is a *define*
> *postgresql::server::contrib* is a *class*
>
> In the first case you use create_resources cause you want to create 
> resources from the type postgresql::server::db (one or many). So the 
> create_resources function expects a hash with a list of databases + its 
> parameters.
>
> The second case you want to pass values to a class parameters. The class 
> does not expect any has:
>
> class postgresql::server::contrib (
> String $package_name = $postgresql::params::contrib_package_name,
> String[1] $package_ensure = 'present'
> ) inherits postgresql::params {
>
>
So class parameters are automatically looked up in hiera, but define 
parameters (or whatever name it is for objects) is not?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/26e7eed0-566d-474e-afab-d6c633dec289%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] hiera lookup

2018-05-29 Thread Arnau

2018-05-29 12:24 GMT+02:00 Ugo Bellavance :

>
>
> On Tuesday, May 29, 2018 at 5:54:54 AM UTC-4, Arnau wrote:
>>
>> Hi,
>>
>> postgresql::server::contrib::package_name: 'rh-postgresql96-postgresql-
>> contrib'
>> postgresql::server::contrib::packages_ensure: present
>>
>>
> I don't get the error anymore.  It's not doing what it's supposed but I'll
> look into it. I'll try the same thing with the manifest just to see.
>

What is it doing ?
What vesion of pupet/hiera? what version of the postgres module are you
using?



> But why do we have to use create_resources for the postgresql::server::db
> section but all the others are OK? Is it just because
> postgresql::server::db is an array?
>


*create_resources*

Converts a hash into a set of resources and adds them to the catalog.

This function takes two mandatory arguments: a resource type, and a hash
describing a set of resources. The hash should be in the form {title =>
{parameters} }:


*postgresql::server::db *is a *define*
*postgresql::server::contrib* is a *class*

In the first case you use create_resources cause you want to create
resources from the type postgresql::server::db (one or many). So the
create_resources function expects a hash with a list of databases + its
parameters.

The second case you want to pass values to a class parameters. The class
does not expect any has:

class postgresql::server::contrib (
String $package_name = $postgresql::params::contrib_package_name,
String[1] $package_ensure = 'present'
) inherits postgresql::params {


HTH,
arnau




>
> Thanks,
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/puppet-users/d796f5ff-311a-46a0-b703-f12d7f1555b7%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAM69jx99Yr86-7OMpOUEdaKEqT2snh-XEne-EHzudTpmHH4Xuw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] hiera lookup

2018-05-29 Thread Ugo Bellavance



On Tuesday, May 29, 2018 at 5:54:54 AM UTC-4, Arnau wrote:
>
> Hi,
>
> postgresql::server::contrib::package_name: 'rh-postgresql96-postgresql-
> contrib'
> postgresql::server::contrib::packages_ensure: present
>
>
I don't get the error anymore.  It's not doing what it's supposed but I'll 
look into it. I'll try the same thing with the manifest just to see.

But why do we have to use create_resources for the postgresql::server::db 
section but all the others are OK? Is it just because 
postgresql::server::db is an array?

Thanks,

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/d796f5ff-311a-46a0-b703-f12d7f1555b7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] hiera lookup

2018-05-29 Thread Arnau

Hi,

postgresql::server::contrib::package_name: 'rh-postgresql96-postgresql-
contrib'
postgresql::server::contrib::packages_ensure: present

HTH,
Arnau

2018-05-29 11:50 GMT+02:00 Ugo Bellavance :

> Hi,
>
> Here's the content of my whole file, thanks:
>
> ---
>
> postgresql::globals::client_package_name: 'rh-postgresql96-postgresql'
> postgresql::globals::createdb_path: '/opt/rh/rh-postgresql96/root/
> usr/bin/createdb'
> postgresql::globals::datadir: '/var/opt/rh/rh-postgresql96/lib/pgsql/data'
> postgresql::globals::manage_package_repo: true
> postgresql::globals::needs_initdb: false
> postgresql::globals::psql_path: '/opt/rh/rh-postgresql96/root/
> usr/bin/psql'
> postgresql::globals::server_package_name: 'rh-postgresql96-postgresql-
> server'
>
>
> postgresql::server::service_name: 'rh-postgresql96-postgresql.service'
> postgresql::server::service_reload: 'systemctl reload
> rh-postgresql96-postgresql.service'
> postgresql::server::ip_mask_deny_postgres_user: '0.0.0.0/32'
> postgresql::server::ip_mask_allow_all_users: '0.0.0.0/0'
> postgresql::server::listen_addresses: '*'
> postgresql::server::service_restart_on_change: false
>
> postgresql::server::contrib:
>   package_name:
> 'rh-postgresql96-postgresql-contrib'
>   packages_ensure:
> true
>
> postgresql::server::db:
>   'mydb1':
> user:  'db1'
> password:  'db1'
>   'mydb2':
> user:  'db2'
> password:  'db2'
>   'mydb3':
> user:  'db3'
> password:  'db3'
>
> On Tuesday, May 29, 2018 at 3:09:08 AM UTC-4, Arnau wrote:
>>
>> Hi,
>>
>> are you sure the errors is about the contrib?
>> can you show us the hiera content for ' postgresql::server::db' ? Could
>> it be that you have an string when a Hash is expected (for the
>> create_resource).
>>
>> Best,
>> Arnau
>>
>> 2018-05-28 22:19 GMT+02:00 Ugo Bellavance :
>>
>>> Hi,
>>>
>>> I am using the postgresql module and I wanted to put all my data in
>>> hiera. Some parameters were simply looked up automatically, like
>>> postgresql::globals:: and postgresql::server::.
>>>
>>> For postgresql::server::db, I had to put this in my manifest:
>>>
>>>   $dbs=hiera('postgresql::server::db')
>>>   create_resources('postgresql::server::db', $dbs)
>>>
>>> And it works.  However, I'm looking for a way to make
>>> postgresql::server::contrib work as well, but I can't make it to work.
>>> When I use the same recipe I get this error:
>>>
>>> no implicit conversion of String into Hash
>>>
>>> How can I make postgresql::server::contrib work as well and why aren't
>>> ::db and ::contrib working out-of the box like globals and server?
>>>
>>> Format for ::db is:
>>>
>>> postgresql::server::db { 'db1':
>>>   user => 'user1',
>>>   password => password,
>>> }
>>>
>>> Format for ::contrib is
>>>
>>> class {'postgresql::server::contrib':
>>>   package_name=> 'rh-postgresql96-postgresql-contrib',
>>>   package_ensure  => true,
>>> }
>>>
>>>
>>> Thanks,
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to puppet-users...@googlegroups.com.
>>> To view this discussion on the web visit https://groups.google.com/d/ms
>>> gid/puppet-users/61c18a0f-76fe-4be8-83fc-aa8703f28cb5%40googlegroups.com
>>> 
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/puppet-users/93053ac8-a9ba-46e8-a6b7-e46fa150fad8%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAM69jx9zGKPvEsC2eivkaqtdLTbyXd2B3-y%3D-k-zW%2BY8eA%2B0uw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] hiera lookup

2018-05-29 Thread Ugo Bellavance

Hi,

Here's the content of my whole file, thanks:

---

postgresql::globals::client_package_name: 'rh-postgresql96-postgresql'
postgresql::globals::createdb_path: 
'/opt/rh/rh-postgresql96/root/usr/bin/createdb'
postgresql::globals::datadir: '/var/opt/rh/rh-postgresql96/lib/pgsql/data'
postgresql::globals::manage_package_repo: true
postgresql::globals::needs_initdb: false
postgresql::globals::psql_path: '/opt/rh/rh-postgresql96/root/usr/bin/psql'
postgresql::globals::server_package_name: 
'rh-postgresql96-postgresql-server'


postgresql::server::service_name: 'rh-postgresql96-postgresql.service'
postgresql::server::service_reload: 'systemctl reload 
rh-postgresql96-postgresql.service'
postgresql::server::ip_mask_deny_postgres_user: '0.0.0.0/32'
postgresql::server::ip_mask_allow_all_users: '0.0.0.0/0'
postgresql::server::listen_addresses: '*'
postgresql::server::service_restart_on_change: false

postgresql::server::contrib:
  package_name:
'rh-postgresql96-postgresql-contrib'
  packages_ensure:
true

postgresql::server::db:
  'mydb1':
user:  'db1'
password:  'db1'
  'mydb2':
user:  'db2'
password:  'db2'
  'mydb3':
user:  'db3'
password:  'db3'

On Tuesday, May 29, 2018 at 3:09:08 AM UTC-4, Arnau wrote:
>
> Hi,
>
> are you sure the errors is about the contrib?
> can you show us the hiera content for ' postgresql::server::db' ? Could 
> it be that you have an string when a Hash is expected (for the 
> create_resource).
>
> Best,
> Arnau
>
> 2018-05-28 22:19 GMT+02:00 Ugo Bellavance >:
>
>> Hi,
>>
>> I am using the postgresql module and I wanted to put all my data in 
>> hiera. Some parameters were simply looked up automatically, like 
>> postgresql::globals:: and postgresql::server::.
>>
>> For postgresql::server::db, I had to put this in my manifest:
>>
>>   $dbs=hiera('postgresql::server::db')
>>   create_resources('postgresql::server::db', $dbs)
>>
>> And it works.  However, I'm looking for a way to make 
>> postgresql::server::contrib work as well, but I can't make it to work.  
>> When I use the same recipe I get this error:
>>
>> no implicit conversion of String into Hash
>>
>> How can I make postgresql::server::contrib work as well and why aren't 
>> ::db and ::contrib working out-of the box like globals and server?
>>
>> Format for ::db is:
>>
>> postgresql::server::db { 'db1':
>>   user => 'user1',
>>   password => password,
>> }
>>
>> Format for ::contrib is 
>>
>> class {'postgresql::server::contrib':
>>   package_name=> 'rh-postgresql96-postgresql-contrib',
>>   package_ensure  => true,
>> }
>>
>>
>> Thanks,
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/61c18a0f-76fe-4be8-83fc-aa8703f28cb5%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/93053ac8-a9ba-46e8-a6b7-e46fa150fad8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] hiera lookup

2018-05-29 Thread Arnau

Hi,

are you sure the errors is about the contrib?
can you show us the hiera content for ' postgresql::server::db' ? Could it
be that you have an string when a Hash is expected (for the
create_resource).

Best,
Arnau

2018-05-28 22:19 GMT+02:00 Ugo Bellavance :

> Hi,
>
> I am using the postgresql module and I wanted to put all my data in hiera.
> Some parameters were simply looked up automatically, like
> postgresql::globals:: and postgresql::server::.
>
> For postgresql::server::db, I had to put this in my manifest:
>
>   $dbs=hiera('postgresql::server::db')
>   create_resources('postgresql::server::db', $dbs)
>
> And it works.  However, I'm looking for a way to make postgresql::server::
> contrib work as well, but I can't make it to work.  When I use the same
> recipe I get this error:
>
> no implicit conversion of String into Hash
>
> How can I make postgresql::server::contrib work as well and why aren't
> ::db and ::contrib working out-of the box like globals and server?
>
> Format for ::db is:
>
> postgresql::server::db { 'db1':
>   user => 'user1',
>   password => password,
> }
>
> Format for ::contrib is
>
> class {'postgresql::server::contrib':
>   package_name=> 'rh-postgresql96-postgresql-contrib',
>   package_ensure  => true,
> }
>
>
> Thanks,
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/puppet-users/61c18a0f-76fe-4be8-83fc-aa8703f28cb5%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAM69jx9j%2B6R_kPJ4T0daXu7R9-Zw-z109ag3%3DV2F4q%2B1R-WVFw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Hiera and roles/profiles

2018-05-18 Thread Arnau

Hi all,

I recently moved from puppet 3 to puppet 5 and hiera 1 to 3. I'm taking
this opportunity to change a little bit the hierarchy setup I've been using
for the last years.
In my previous conf I used to create a custom fact for each role so I could
do something like:

- "%{environment}/hieradb/role/%{::role}"

and in each role file I specified the classes and any other role bases
customizations for the role. So far so good. This approach is something
that I'll continue using.

But now I'd like to do something similar with profiles: add a custom fact
for each profile so I can later use something like:

- "%{environment}/hieradb/profile/%{::profile}"

Obviously this approach does not work when you have more than one profile:

First, I'd need to create the profile custom_fact as an array of several
profiles and, then, I'd have to tell hiera to look in every profile from
the same hierarchy level. In a node with profiles A/B/C hiera should have
to look in the files:

"%{environment}/hieradb/profile/profileA.yaml"
"%{environment}/hieradb/profile/profileB.yaml"
"%{environment}/hieradb/profile/profileC.yaml"

Based on my tests (yup, I tried this) if hiera finds the value in, let's
say, profileB.yaml it stops scanning this level and profileC.yaml is not
evaluated.
In any case, even if hiera continues scanning all files in the same lelve,
this approach will create a conflic in hiera itself whenever it finds the
same variable defined in 2 profiles. ¿Which one should I choose?

So, the (obvious) solution is to move any profile customization to the role
level, the same I've been doing till now.
But I was wondering if some part of my approach could be possible (without
having to decalre all the possible profiles in my hiera tree) or if
someone was somehow using the "profile" in the hiera tree (and how)?.

TIA,
Arnau

--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAM69jx9szrMR3gqN_q2YLUYZq6qsROkRfoRea%3D-KvhGQ3%2BqH2g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Hiera brainstorming

2018-05-10 Thread Craig Dunn

On Sun, May 6, 2018 at 9:26 PM, Robert  wrote:

>
> And the problem: sometimes I'd like to have teams to control only a
> specific application, on a server which is already delegated to a team.
> E.g. the backup admins should be able to configure the backup software's
> agent on Oracle *and* webservers as well, but $team == oracle and $team ==
> web on these servers already, of course.
>
>
Have you looked at Jerakia? (disclaimer: I maintain it) You're requirements
are almost identical to what lead to it's development in the first place
and this use case isn't too dissimilar from the use case in the example
here;
https://www.craigdunn.org/2015/09/solving-real-world-problems-with-jerakia/

With that you can have multiple lookups each with their own datasource /
hierarchy but confine or exclude the lookups from the search based on a
customizable criteria such as the teametc.  So you could route lookup
requests originating from the oracle module to an entirely different lookup
and set of data but that lookup won't get used for other modules Sounds
like it would probably solve your issue without having a giant hierarchy
that get scanned for every single key.

Craig


-- 
Enviatics |  Automation and Configuration Management
http://www.enviatics.com | @Enviatics | cr...@enviatics.com

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CACxdKhHiEfWCgRGvNBLSnYXVbJTnJfGSU8uq%3D%2Bk8jsGrOMqFHw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

1 2 3 4 5 6 7 8 >

1 - 100 of 705 matches

Mail list logo