Issues with hiera
89 views
Skip to first unread message
Toki Winter
Dec 14, 2013, 12:17:44 AM12/14/13
to puppet...@googlegroups.com
Hi all,
I'm running the following versions of Puppet and Hiera:
[root@centosa manifests]# puppet agent --version
3.3.2
[root@centosa manifests]# hiera --version
1.3.0
I have defined my hiera.yaml as follows:
[root@centosa hieradata]# cat /etc/puppet/hiera.yaml
---
:backends:
- yaml
:yaml:
:datadir: /etc/puppet/hieradata
:hierarchy:
- %{::clientcert}
- %{::operatingsystem}
- common
And I have my various yaml files in the datadir directory:
[root@centosa hieradata]# ls
centosa.local.yaml common.yaml Solaris.yaml
[root@centosa hieradata]# cat centosa.local.yaml
---
security::tcpwrappers::hostsallow: "puppet:///modules/security/etc/hosts.allow-centosa.local"
security::tcpwrappers::hostsdeny: "puppet:///modules/security/etc/hosts.deny-centosa.local"
[root@centosa hieradata]# cat common.yaml
---
security::tcpwrappers::hostsallow: "puppet:///modules/security/etc/hosts.allow-common"
security::tcpwrappers::hostsdeny: "puppet:///modules/security/etc/hosts.deny-common"
[root@centosa hieradata]# cat Solaris.yaml
---
security::tcpwrappers::hostsallow: "puppet:///modules/security/etc/hosts.allow-solaris"
security::tcpwrappers::hostsdeny: "puppet:///modules/security/etc/hosts.deny-solaris"
In my /etc/puppet/modules/security/manifests/tcpwrappers.pp I'm trying to reference the variable:
[root@centosa manifests]# cat tcpwrappers.pp
class security::tcpwrappers {
file { "/etc/hosts.allow" :
owner => 'root',
group => 'root',
mode => '0644',
source => $hostsallow
}
file { "/etc/hosts.deny" :
owner => 'root',
group => 'root',
mode => '0644',
source => $hostsdeny
}
}
However, the variable is empty (as can be evidenced by having a fail( "$hostsalllow" ) and checking the output on an agent run.
I've a similar set up on another server, and it seems to be working fine, and I can't fathom what's different here.
Any help would be appreciated.
Cheers,
Toki
I'm running the following versions of Puppet and Hiera:
[root@centosa manifests]# puppet agent --version
3.3.2
[root@centosa manifests]# hiera --version
1.3.0
I have defined my hiera.yaml as follows:
[root@centosa hieradata]# cat /etc/puppet/hiera.yaml
---
:backends:
- yaml
:yaml:
:datadir: /etc/puppet/hieradata
:hierarchy:
- %{::clientcert}
- %{::operatingsystem}
- common
And I have my various yaml files in the datadir directory:
[root@centosa hieradata]# ls
centosa.local.yaml common.yaml Solaris.yaml
[root@centosa hieradata]# cat centosa.local.yaml
---
security::tcpwrappers::hostsallow: "puppet:///modules/security/etc/hosts.allow-centosa.local"
security::tcpwrappers::hostsdeny: "puppet:///modules/security/etc/hosts.deny-centosa.local"
[root@centosa hieradata]# cat common.yaml
---
security::tcpwrappers::hostsallow: "puppet:///modules/security/etc/hosts.allow-common"
security::tcpwrappers::hostsdeny: "puppet:///modules/security/etc/hosts.deny-common"
[root@centosa hieradata]# cat Solaris.yaml
---
security::tcpwrappers::hostsallow: "puppet:///modules/security/etc/hosts.allow-solaris"
security::tcpwrappers::hostsdeny: "puppet:///modules/security/etc/hosts.deny-solaris"
In my /etc/puppet/modules/security/manifests/tcpwrappers.pp I'm trying to reference the variable:
[root@centosa manifests]# cat tcpwrappers.pp
class security::tcpwrappers {
file { "/etc/hosts.allow" :
owner => 'root',
group => 'root',
mode => '0644',
source => $hostsallow
}
file { "/etc/hosts.deny" :
owner => 'root',
group => 'root',
mode => '0644',
source => $hostsdeny
}
}
However, the variable is empty (as can be evidenced by having a fail( "$hostsalllow" ) and checking the output on an agent run.
I've a similar set up on another server, and it seems to be working fine, and I can't fathom what's different here.
Any help would be appreciated.
Cheers,
Toki
Paul Archer
Dec 16, 2013, 2:42:49 PM12/16/13
to puppet...@googlegroups.com
Is your clientcert == 'centosa', or is it 'centosa.example.com'?
And have you tested it on the command line:
hiera security::tcpwrappers::hostsallow operatingsystem=CentOS
jcbollinger
Dec 16, 2013, 5:01:53 PM12/16/13
to puppet...@googlegroups.com
On Friday, December 13, 2013 11:17:44 PM UTC-6, Toki Winter wrote:
Automatic data binding applies to class parameters, not generally to all class variables. You have two good alternatives:
1. Add explicit lookups to your class:
$hostsallow = hiera('security::tcpwrappers::hostsallow')
Note that in this case the key can be anything you like; it does not have to start with the class name, though there are advantages to that. Alternatively,
2. You can make $hostsallow and $hostsdeny parameters of your class:
class security::tcpwrappers(
$hostsallow,
$hostsdeny) {
# ...
}
John
Reply all
Reply to author
Forward
0 new messages