This is my global.yaml file
---
puppet:
running: 'running'
atboot: true
When I run "hiera --config hiera.yaml puppet" the output is
{"running"=>"running", "atboot"=>true}
Which is the expected output.
But when I try to access the inner values by running "hiera --config hiera.yaml puppet::running" I get nil value.
My hiera version is 3.0.6.
You are misunderstanding that puppet::running is a key name, whereas you seem to want puppet.running.
If you have a common.yaml file with:
---
puppet:
running: running
atboot: true
puppet::running: foo
In the latest Puppet 5 and 6, you could try this (remembering that the hiera CLI command is deprecated in favour of puppet lookup):
$ puppet lookup puppet
---
running: running
atboot: true
$ puppet lookup puppet::running
--- foo
$ puppet lookup puppet.running
--- running
Or, in your version of Puppet:
$ hiera puppet
{"running"=>"running", "atboot"=>true}
$ hiera puppet::running
foo
$ hiera puppet.running
running
Related
I'm just start learning Puppet, really new to this world. I'm using puppet 2.7.26 on my two learning VMs --
puppet-master 192.168.160.131
eisen-suse11 192.168.160.129
Follow the turial, I've signed the node "eisen-suse11" to puppet-master successfully--
puppet-master:/etc/puppet/modules/motd/manifests # puppet cert --list --all
+ "eisen-suse11" (A0:7F:E2:77:30:9A:96:E3:79:FD:F7:1E:59:35:5B:1E)
+ "puppet-master" (38:90:B5:8A:68:8A:A7:44:8A:2F:07:D3:F3:AC:E8:80) (alt names: "DNS:puppet", "DNS:puppet-master", "DNS:puppet-master.suse11", "DNS:puppet.suse11")
+ "puppet-master.suse11" (5D:9E:A4:D9:0C:5F:69:07:FA:55:13:C3:38:6D:9B:26)
Then follow the book, I write a module -- motd -- which should put a file to client node --
puppet-master:/etc/puppet/modules/motd/manifests # cat init.pp
class motd{
package{ 'setup':
ensure => present,
}
file{ '/etc/motd':
ensure => present,
owner => 'root',
group => 'root',
mode => '0644',
source => "puppet://$puppetserver/modules/motd/etc/motd",
require => Package['setup']
}
}
puppet-master:/etc/puppet/modules/motd/manifests # cat site.pp
$puppetserver='puppet-master.suse11'
node 'eisen-suse11'{
include motd
}
But when I tested "puppet agent --test --trace" on the client node -- eisen-suse11 --- it's all quiet --
eisen-suse11:~ # puppet agent --test --trace
info: Caching catalog for eisen-suse11
info: Applying configuration version '1633779962'
notice: Finished catalog run in 0.01 seconds
eisen-suse11:~ # ls /etc/motd
ls: cannot access /etc/motd: No such file or directory
That "/etc/motd" is not copied from puppet-master --
Does anyone can help? Any idea would be appreciated.
RGS
Eisen
The problem is that your node is receiving an empty catalog, which is happening because you put your site.pp file in the wrong place. Puppet will not find it inside the module. It has been a very long time since I wrote code for Puppet 2 (and I hung on to that version much longer than was healthy), but as I recall, the correct directory for that file would be /etc/puppet/manifests.
But again, as I wrote in comments, Puppet 2 is utterly obsolete and well past the end of its life. Ditch it, and also ditch any books you have that teach it. The only reason I can think of to learn this version of Puppet is that you have an existing legacy infrastructure that you are obligated to maintain, but if you are faced with such a Puppet code base in 2021 then it would be best to rewrite from scratch for Puppet 7.
I'm trying to build a Hiera configuration for my Puppet setup. My Hosts are FreeBSD and Debian systems. Therefore I have a configuration based on ::osfamily. But since I'm making extensive use of Jails I would like to have a further breakdown of my FreeBSD hosts with ::virtual.
from hiera.yaml:
:hierarchy:
- "osfamily/%{::osfamily}"
- "%{::virtual}/%{::osfamily}"
- common
And my data directory tree:
hieradata/
|-- common.yaml
|-- osfamily
| |-- Debian.yaml
| `-- FreeBSD.yaml
|-- physical
| `-- FreeBSD.yaml
|-- jailed
`-- virtual
In my understandigs puppet should apply everything osfamily/FreeBSD.yaml and afterwards from physical/FreeBSD.yaml for a physical FreeBSD host.
Now I want to install the CA-Certificates package on every host and have a class for that task:
class certificates ( $packageName = hiera('ca_package') ){
# Install CA-Certificates
package { $packageName:
ensure => installed,
}
}
That class is included from common.yaml
classes:
- certificates
And the ca_package-Variable is defined in osfamily/FreeBSD.yaml:
---
rootuser: root
rootgroup: wheel
sshservicename: sshd
ca_package: 'security/ca_root_nss'
When I do a hiera test on that variable, everything is working fine:
# hiera -c /usr/local/etc/puppet/hiera.yaml ca_package ::osfamily=FreeBSD
security/ca_root_nss
#
But Puppet is (even in Jails) complaining, that the data item ca_package is not available.
Error: Could not retrieve catalog from remote server: Error 400 on
SERVER: Could not find data item ca_package in any Hiera data file and
no default supplied at
/usr/local/etc/puppet/modules/certificates/manifests/init.pp:2 on node
puppet.fqdn
What am I doing wrong?
The best way to debug hiera is using below command:
puppet master --debug --compile hostname --osfamily=FreeBSD |grep hiera
look for the key ca_package, then you should know how to fix.
Second, your hostname is puppet.fqdn, which is weird for me.
Check if the facter variable 'osfamily' on your client is 'FreeBSD'. Alternatively you can enable debug on puppetserver (logback.xml) and see the log to see which hierarchy its going through and where its failing to get the ca_package.
The best way to debug Hiera is running lookup command on Puppet server node:
$ puppet lookup --environment production --explain --node fqdn.example.com ca_package
where ca_package is the hiera key you're looking for. The --explain flag is helpful for verifying paths were Puppet is looking for the key.
Also merge behavior can be manually defined:
puppet lookup --merge deep --environment production --node fqdn.example.com
facter --version
3.0.2 (commit 5dc120fa9db4c19150466b1bbd1d0cf42c87c6bd)
puppet --version
4.2.1
Using this as an example:
https://serverfault.com/questions/471995/how-do-i-check-if-a-user-exists-in-puppet
I'm having some issues which do not seem to be common. If I:
root#puppet manifests]# puppet master --compile cs1.home
Error: Evaluation Error: Unknown variable: '::user_exists_dmadmin'. at /etc/puppetlabs/code/environments/production/manifests/site.pp:28:5 on node cs1.home
From
/etc/puppetlabs/code/environments/production/modules/facts/lib/facter/user_exists_dmadmin.rb
require 'facter'
Facter.add(:user_exists_dmadmin) do
setcode do
name = "dmadmin"
Facter::Util::Resolution.exec("/usr/bin/id -u #{name} 2>/dev/null")
#puts "inside user_exists_dmadmin"
end
end
And site.pp contains
node "cs1.home" {
if ($::user_exists_dmadmin) {
notify {"Documentum Installation Owner exists - NOT making an installation
at this time!" : }
}else
{
notify {"Calling the Documentum Class for installation of Documentum":}
include documentum
}
}
And when I compile the catalog
[root#puppet production]# puppet master --compile cs1.home
Error: Evaluation Error: Unknown variable: '::user_exists_dmadmin'. at /etc/puppetlabs/code/environments/production/manifests/site.pp:29:6 on node cs1.home
Will be very grateful to know why the error.
Many thanks
Kevin
When you use puppet master --compile the last set of cached facts for the node are used, which means that this fact must not have been sent the last time puppet was run by the actual agent. Run puppet agent --test from cs1.home so that the plugin can be synced down and new fact values cached.
just testing out hiera and I'd like to be able to view all the available data (variable=value pairs) in the hierarchy for a given node.
My Hiera hierarchy is configured as:
---
:backends:
- yaml
- json
:yaml:
:datadir: C:\Puppet\hieradata
:hierarchy:
- "Env/%{::env}"
- common
I can run the following to return node1's value for 'some-common' variable :
>hiera some-common ::env=node1
data
What I'd like to be able to see is all the variable=value pairs available to node1 in the hierarchy, is this possible?
Thanks
I'm afraid this is not possible. Closest thing you could do is dump facts for specific node:
facter -y > node.yml
And then use them for look for specific keys:
hiera -y node.yml my_class:arg -d
this way you will be able to access Hiera keys based on operating system, domain, etc. (depends on your hierarchy defined in hiera.yaml).
Yet another option is to ssh into puppet master node. And use puppet lookup (should be available since Puppet 4). lookup is using by default Hiera backend (again requires hiera.yaml config file).
puppet lookup resolv_conf::nameservers --node mynode.example.net
or more verbose version:
puppet lookup resolv_conf::nameservers --merge deep --environment production --explain --node mynode.example.net
I found another workaround - you can add top level key to your yaml data:
node-data:
hosts:
- localhost:3367
- company.com
dns: 8.8.8.8
policy:
retries: 3
timeout: 5
and do puppet lookup with merge for this top level key, e.g.:
puppet lookup --merge hash/deep node_data
I have installed puppet on two nodes, and the server node hostname is "uys0115", and the cient node hostname is "uys0119", and the server node have siged the client node. When I exec the commad: puppet cert list --all, we can see:
+ "uys0115" (24:55:95:77:8E:60:33:77:C8:D4:74:EA:01:21:BD:5A)
+ "uys0119" (86:53:1B:81:E5:4F:88:23:E8:34:E1:AB:03:D4:AE:7C)
The puppet main directory is /etc/puppet/, I have write an example and the organization of files as follows:
/etc/puppet/--
|-/manifests/site.pp
|-/modules/test/--
|-/files/text.txt
|-/manifests/init.pp
|-/manifests/test.pp
The code in /etc/puppet/modules/test/manifests/test.pp is:
class test1 {
package { "bison":
ensure=>"installed",
}
exec { "puppet test":
command=>"/bin/touch /tmp/puppet-test",
}
file { "/tmp/test.txt":
ensure => "present",
source => "puppet:///modules/test/test.txt"
}
}
and the code in /etc/puppet/modules/test/manifests/init.pp is just import "*";
and the code in /etc/puppet/manifests/site.pp as follows:
import "test"
node default {
include "test1"
}
When I in the client node uys0119 and exec the command puppet agent --test --server uys0115.
It executed successfully and created two files puppet-test and test.txt in the directory /tmp/.
In the server node when I exec the command puppet apply site.pp, it also executed successfully and created two files. However, the terminal out put two warning messages:
warning: Could not retrieve fact fqdn
warning: Host is missing hostname and/or domain: uys0115
When I changed the code in /etc/puppet/manifests/site.pp as follows:
import "test"
node "uys0119" {
include "test1"
}
and exec the command puppet apply site.pp in the server node, it failed an output the error messages:
warning: Could not retrieve fact fqdn
warning: Host is missing hostname and/or domain: uys0115
warning: Host is missing hostname and/or domain: uys0115
Could not find default node or by name with 'uys0115' on node uys0115
But the client node can sucessfully exec the command puppet agent --test --server uys0115 too. Can anybody explain that?
If I want to the server node send some repuests to the client nodes and drive some client nodes responses the server and procduces results. How can I do when uses puppet? Can somebody give me an example? thanks very much!!!
The server puppet serves as both puppet master and puppet node.
When you edited site.pp as below:
import "test"
node default {
include "test1"
}
all puppet nodes connect to puppet master will do operations defined in class "test1". So you found two files in both uys0115 and uys0119(treat as a puppet node).
When changed your site.pp to the following:
import "test"
node "uys0119" {
include "test1"
}
puppet node uys0115 can not find its definition in site.pp (because it only defines uys0119) and puppet master output error info like this:
Could not find default node or by name with 'uys0115' on node uys0115
Here is a modified site.pp can eliminate this error:
import "test"
node "uys0119" {
include "test1"
}
node "uys0115" {
include "test1"
}
In puppet master/slave mode, you'd better use fqdn such as uys0115.localdomain, then the following warning will not show
warning: Host is missing hostname and/or domain: uys0115