Problem with Hiera deep merge
251 views
Skip to first unread message
Antoine Cotten
Jul 25, 2014, 6:31:32 AM7/25/14
to puppet...@googlegroups.com
Hi Puppet users,
I've been using Hiera's deep merge feature on class parameters for months, however when I try to pair it with the create_resources function things get ugly.
Situation:
I want to deploy a set of Unix users on all my machines. They have standard rights by default and get access to the wheel group on a per-server basis depending on their needs.
In my module I have:
manifests/user.pp
And in Hiera:
hiera/common.yaml
It works great so far. All my users are deployed on all machines.
Now I try to add the user foo to the wheel group on dev_server:
hiera/dev_server.example.com.yaml
Since the deeper merge bahavior is enabled this should merge my user list just fine.
But... BANG! It all breaks apart:
However, if I query Hiera from the shell, it returns the expected user hash:
$ hiera --hash user_list ::clientcert=dev_server.example.com
Corruption? Madness? Did I miss something crucial when reading through the documentation?
Thank you in advance for the hints :)
Toni
-----------------------------------------------------------------------------------------------
Just for your information:
hiera.yaml
I've been using Hiera's deep merge feature on class parameters for months, however when I try to pair it with the create_resources function things get ugly.
Situation:
I want to deploy a set of Unix users on all my machines. They have standard rights by default and get access to the wheel group on a per-server basis depending on their needs.
In my module I have:
manifests/user.pp
class environment::users ( $users = hiera_hash('user_list') {
create_resources('user', $users)
}
And in Hiera:
hiera/common.yaml
user_list:
foo:
ensure: present
uid: '1001'
gid: '1001'
groups: []
comment: Doctor Foo
bar:
ensure: present
uid: '1002'
gid: '1002'
groups: []
comment: Mister Bar
It works great so far. All my users are deployed on all machines.
Now I try to add the user foo to the wheel group on dev_server:
hiera/dev_server.example.com.yaml
user_list:
foo:
groups: wheel
Since the deeper merge bahavior is enabled this should merge my user list just fine.
But... BANG! It all breaks apart:
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Must pass uid to User[foo] on node dev_server.example.com
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
However, if I query Hiera from the shell, it returns the expected user hash:
$ hiera --hash user_list ::clientcert=dev_server.example.com
{"ensure"=>"present",
"gid"=>"1001",
"groups"=>"wheel",
"comment"=>"Mister Foo",
"uid"=>"1001"},
"bar"=>
{"ensure"=>"present",
"gid"=>"1002",
"groups"=>"[]",
"comment"=>"Doctor Bar",
"uid"=>"1002"}}
Thank you in advance for the hints :)
Toni
-----------------------------------------------------------------------------------------------
Just for your information:
- Puppet 3.6.2
- Hiera 1.3.4
- deep_merge gem 1.0.1
hiera.yaml
:backends:
- yaml
:hierarchy:
- "%{::clientcert}"
- common
:merge_behavior: deeper
:yaml:
:datadir: /etc/puppet/hiera
Antoine Cotten
Jul 25, 2014, 6:55:00 AM7/25/14
to puppet...@googlegroups.com
Btw, please ignore the typo (missing parenthesis) in the manifest, trust me it's not here in the real manifest.
Funny fact I just discovered: if I move the $user parameter INSIDE the code of the class, and get rid of the class parameter (of course) it works just fine. So why would the hiera_hash function not work properly when called in class parameters?
Funny fact I just discovered: if I move the $user parameter INSIDE the code of the class, and get rid of the class parameter (of course) it works just fine. So why would the hiera_hash function not work properly when called in class parameters?
Antoine Cotten
Jul 25, 2014, 7:14:50 AM7/25/14
to puppet...@googlegroups.com
I actually found the answer in another topic.
I changed my variable name to $unixusers instead of $users and it started working. I suspect a naming conflict within my class, since another $users variable was declared at a higher level.
I changed my variable name to $unixusers instead of $users and it started working. I suspect a naming conflict within my class, since another $users variable was declared at a higher level.
Reply all
Reply to author
Forward
0 new messages