Background
I am using puppet5 & hiera5 on a puppet master from separate git repos.
The code is deployed using r10k into their respective locations using the branch to environment directory mapping.
Due to the environment conflict limitation in r10k (apologies if this is no longer the case) I use a separate location for my hieradata:
Puppet code - /etc/puppetlabs/code/envirnments/
Hiera code - /etc/puppetlabs/code/hieradata/
I have a global hiera.yaml file in /etc/puppetlabs/puppet/hiera.yaml and an environment specific hiera.yaml file in my hiera branch / environment location.
e.g. /etc/puppetlabs/code/hieradata/production/hiera.yaml
Problem
My environment hiera.yaml is ignored due to its location, it is expected to be where my puppet <ENVIRONMENT> code is:
/etc/puppetlabs/code/environments/production/hiera.yaml
taken from https://docs.puppet.com/puppet/5.0/hiera_config_yaml_5.html#location
but instead it is:
/etc/puppetlabs/code/hieradata/production/hiera.yaml
Solution
The only solution that I have been able to find is to locate a hiera.yaml in my puppet code repo with a datadir set to
datadir: ../../hieradata/%{::environment}/hieradata
(it must be relative)
Which works ok but is not ideal so I am looking for other solutions.
Even if I set the global hiera.yaml datadir to:
/etc/puppetlabs/code/hieradata/%{::environment}/
(it can be a full path)
and do not have a hiera.yaml file in my puppet repo, hiera works, but the environmental hiera.yaml located there is ignored.
Another idea was to swap the locations but then my puppet code does not work.
So ideally what I need to do is set the environment layer hier.yaml location as it seems to be hard coded to <ENVIRONMENT>, which is where my puppet code is.
I still want to use r10k and I want to host my environmental hiera.yaml in my hiera repo.
my working code:
datadir: "/etc/puppetlabs/code/environments/%{environment}/hiera"
but path should be correct.
Related
I have .env file at my project root directory.
How should I handle .env file for dev, qa, stage and prod?
Should include them in git repo? if not where I put them? different folder on external drive for example?
What is the correct extensions? .env.qa or .qa.env?
If I want to build my bundle using webpack to the dist folder (server side), should I include the env file or manually copy it to the dist folder?
You should not check-in your env files into any source control. Any of those secrets will be forever available to anyone having access to the repo until the history is rewritten to remove them.
If you use AWS services, for example, I would suggest using the Secrets Manager.
Any environment variables introduced to Webpack should not be secrets but be configuration values. Anyone who can view source can read those values. If you need to have environment-specific configurations, the Webpack DefinePlugin will replace vars like MY_API_HOST with their values with the following config:
const plugins = [
new webpack.DefinePlugin({
MY_API_HOST: JSON.stringify('https://my-domain.com/api/'),
MY_API_VERSION: JSON.stringify('v2')
})
]
Config module is a easy way to address the different env specific values. Read about config module at - https://www.npmjs.com/package/config. You will have a config folder in the repository with env specific files and I like this approach as the files are in the repository but very well separated.This provides a really easy way to set default values, override the environment specific values etc. It is also very convenient to use the different environment specific files by setting the appropriate node environment variable(export NODE_ENV=development or acceptance or production).
I recently upgraded puppet version 3 to version 5. all is working fine with the new version but hiera configurations for puppet 5 is not working as expected. I think I missing something which would deploy changes in the remote node. Please advise what should I do here. below are the configurations for my setup.
1) Hiera.yaml
cat /etc/puppetlabs/code/environments/hiera.yaml
version: 5
hierarchy:
- name: "Master"
path: "environments/%{environment}/data/%{trusted.certname}.yaml"
data_hash: yaml_data
datadir: /etc/puppetlabs/code/
2) And my Environment YAML files are kept at
cat /etc/puppetlabs/code/environments/staging/data/puppetsr7.demo.com.yaml
demo::configuration::phpini::memory_limit: '64'
3) but when I run the command on my remote node, nothing is changing
/opt/puppetlabs/bin/puppet agent
4) In order to troubleshoot I tried to run the command
puppet lookup --explain demo::configuration::phpini::memory_limit --environment staging --node puppetsr7.demo.com
and got below output
Searching for "lookup_options"
Global Data Provider (hiera configuration version 5)
Using configuration "/etc/puppetlabs/code/environments/hiera.yaml"
Hierarchy entry "Master"
Path "/etc/puppetlabs/code/environments/staging/data/puppetsr7.demo.com.yaml"
Original path: "environments/%{environment}/data/%{trusted.certname}.yaml"
Found key: "lookup_options" value: nil
Module data provider for module "demo" not found
Searching for "demo::configuration::phpini::memory_limit"
Global Data Provider (hiera configuration version 5)
Using configuration "/etc/puppetlabs/code/environments/hiera.yaml"
Hierarchy entry "Master"
Path "/etc/puppetlabs/code/environments/staging/data/puppetsr7.demo.com.yaml"
Original path: "environments/%{environment}/data/%{trusted.certname}.yaml"
Found key: "demo::configuration::phpini::memory_limit" value: "64"
It's showing the proper value when running from CLI i.e 64 which I need to be get applied on a remote node in php.ini and change the value from 512 to 64.
But don't know how to proceed further from here as I struck now. please help to troubleshoot this.
What I did is I kept the required class in site.pp file as well which I want to get executed through hieradata.
"demo::configuration::phpini::memory_limit: '64'" in hiera file and "demo::configuration::phpini::memory_limit in site.pp.
Hoping that some one could get help from it.
I have an agent/master setup. I have created a new environment in /etc/puppetlabs/code/environments/ called master.
The content of environment.conf for the master directory environment is
modulepath = site:modules:$basemodulepath
manifest = manifests/site.pp
and when I try puppet agent -t --environment master I am getting some error
Notice: Local environment: 'master' doesn't match server specified node environment 'production', switching agent to 'production'.
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Info: Caching catalog for node1.localpuppet.com
Info: Applying configuration version '1490712072'
Notice: Applied catalog in 0.67 seconds
I am new to puppet. What changes do I need?
PE Console Config
This is a "really fun" quirk of Puppet Enterprise that showed up in the last couple of years. You have to specify the nodes in the PE Classifier that are allowed to specify their directory environment in the puppet.conf or in the puppet agent -t --environment arguments.
In the agent-specified environment tab in the Classifier (you see it at the bottom of your picture above), you can enable it for all nodes. Do this by adding a rule, selecting the name fact, using a regular expression (~), then using the regexp for matching all characters (.*). After you fill this out, the PE Classifier will give you a number of matching nodes. It should be all that are subscribed to your master. Remember to click in the bottom right to update your rules. Your nodes will now be able to use master instead of production from the config file or CLI arguments.
That being said, if you are doing this to avoid naming your default Git branch production in your control repository when working with Code Manager, you should really just rename the branch as that is much easier.
I am playing around with puppet and am trying to copy a file from my local directory (my laptop) on to my puppet agent. I have two VM's running, one is puppet master and one is puppet agent. I looked up at this answer here but it seems like it was an older version on puppet. I am running puppet 3.4.3 . I have gone through the pro puppet book and the puppet tutorials but find them way to confusing (the former having very glaring typos). It would be BIG help if someone helped me out with the process in simple steps. This is what I have till now.
I created a folder named my_module in /etc/puppet/.
In /etc/puppet/my_module is created two folders files, manifests and a file init.pp .
Init.pp looks like this:
class myfile {
file { "/home/me/myfolder/file.py":
mode => "0440",
owner => 'root',
group => 'root',
source => 'puppet:///modules/module_name/datas.xls',
}
}
I then copied the file file.py to the files folder I created above. I am unsure how to proceed after this step. Any help?
please read this documentation regarding creating your own modules. The module you created is in the wrong location right now. Should be /etc/puppet/modules or wherever the modulepath in /etc/puppet/puppet.conf points to on the puppet master.
The file given with source => 'puppet:///modules/module_name/datas.xls' is the one which will be placed in /home/me/myfolder/file.py on the client where you run the puppet agent -t command to rollout your changes.
Another good source for examples how to use the standard builtin puppet features is Type Reference of puppetlabs.
I am using masterless Puppet. And My situation is that I am using a custom Hiera backend called hiera-regex. The process of using it is that you have to have hiera-regex installed on your target machine.
If sometime for some reason, hiera-regex is not installed, hiera still looks up for the key in hierarchy and starts using that key which it was not suppose to use in the presence of hiera-regex. Ideally, I would want Puppet to exit when it does not find hiera-regex backend installed. But as of now, Puppet only prints a notice() which can be easily missed and can leave your node in an unwanted state.
Is it possible to somehow configure Puppet/hiera for masterless setup to not continue at all if the backend hiera is configured to use is not installed?
Here is my hiera.yaml file:
---
:backends:
- regex # this is the custom backend (hiera-regex)
- yaml
:regex:
:datadir: /etc/puppet/hiera
:yaml:
:datadir: /etc/puppet/hiera
:hierarchy:
- "%{fqdn}"
- base