Node-less puppet setup using Hiera
Following a big puppet 2.7 => 3.3 space jump (it took quite some times to test/setup/adapt everything) I am trying to get a cleaner/saner puppet usage to avoid errors, duplication (allowing to easily override some conf for a specific deployment site at some specific location) and to avoid slapping my lazyness with a truit.
So I crawled a bit the web, and read a lot of different posts/bugs/idas/rants, and did not find the golden-wonderfull-definitive set-up guide, so here are the things that are on the way:
- Use hiera for storing the nodes configuration
- Assign classes using hiera (node-less setup?)
- Create roles and profiles modules to allow to encapsulate contents not configurable using hiera
Hiera base setup
Nothing to fancy here as shown in the hiera.yaml file, just an environment-dependent datadir and a first draft of the hierarchy that will be used.
- json
:datadir: /etc/puppet/environments/%{::environment}/hieradata/
- "%{::fqdn}"
- "%{::company_role}"
- "%{::company_location}"
- "%{::virtual}"
- "%{::operatingsystem}-${lsbdistrelease}"
- "%{::operatingsystem}-${lsbmajdistrelease}"
- "%{::operatingsystem}"
- "%{::osfamily}"
- common
Custom facts for hiera
Here two hiera data sources are meant to be able to easily configure a node according to its location or role. (location meaning more or less a more or less physical location with some specific network configuration or other specific rules/requirements)
In order to be able to assign the role and location, custom facts were added (company_role and company_location), based on the content of a file (/etc/company.conf) that have to be available on the server. (see XXX for more)
require 'facter'
if File.exist?('/etc/company.conf')
File.readlines('/etc/company.conf').each do |line|
if line =~ /^(.+)=(.+)$/
varname = "company" + $1.strip
value = $2.strip
Facter.add(varname) do
setcode { value }
Assigning class to nodes using hiera
"classes" : [
"ntp::server" : [
# Load classes from hiera conf merging all classes for inclusion
Assigning defines to nodes using hiera
Defines parameters are stored in a hash, the key is the resource title and the value is a hash of define parameters.
"rsyslog_configs" : {
"iptables.conf" : {
"ensure" : "present",
"source" : "puppet:///modules/site/rsyslog/rsyslog.d/iptables.conf"
"puppet-agent.conf" : {
"ensure" : "present",
"source" : "puppet:///modules/site/rsyslog/rsyslog.d/puppet-agent.conf"
Defines have to be instanciated calling create_resource with the retrieved define configuration hash.
node default {
# Load classes from hiera conf merging all classes for inclusion
# Retrieve rsyslog configurations if any
$rsyslog_configs = hiera_hash('rsyslog_configs', {})
create_resources('rsyslog::config', $rsyslog_configs)