Puppet Camp Portland 2015: Introduction to Hiera (Beginner)
-
Upload
puppet-labs -
Category
Documents
-
view
693 -
download
1
Transcript of Puppet Camp Portland 2015: Introduction to Hiera (Beginner)
![Page 1: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/1.jpg)
Introduction to Hiera
![Page 2: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/2.jpg)
Spencer Krumcc by sa
![Page 3: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/3.jpg)
![Page 4: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/4.jpg)
cc by sa
![Page 5: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/5.jpg)
![Page 6: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/6.jpg)
cc by sa //
![Page 7: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/7.jpg)
Agenda• What is hiera
• Hiera architecture
• Basic examples
• More complicated example
• Trouble points for new users
![Page 8: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/8.jpg)
What is hiera• Software from puppetlabs
• Started in 2011
• Started out as a puppet plugin, corenow
![Page 9: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/9.jpg)
What is hiera• A way to plug data into your puppet
code
• Separate concerns of data andconfiguration
![Page 10: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/10.jpg)
What is hiera• Exposes hiera() function to puppet
• Plugable backend
• Different from PuppetDB
![Page 11: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/11.jpg)
Hiera Architecture
![Page 12: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/12.jpg)
Puppet Architecture
cc by sa
![Page 13: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/13.jpg)
Puppet Architecture w/hiera
![Page 14: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/14.jpg)
cc by sa
![Page 15: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/15.jpg)
# ln -s /etc/hiera.yaml /etc/puppet/hiera.yaml
![Page 16: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/16.jpg)
# cat /etc/puppet/hiera.yaml---:backends:
- yaml
:yaml::datadir: /etc/puppet/hieradata
:hierarchy:- "%{clientcert}/common"- "osfamily/%{osfamily}/common"- common
![Page 17: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/17.jpg)
# find /etc/puppet/hieradata../common.yaml./osfamily./osfamily/RedHat./osfamily/RedHat/common.yaml./osfamily/Debian./osfamily/Debian/common.yaml
![Page 18: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/18.jpg)
Hiera• A place to put your data
• Backend driven
• Function call to lookup on keys
![Page 19: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/19.jpg)
class { 'jenkins::slave':jenkins_ssh_key => 'AAAAB3Nzbu84a....'
}
![Page 20: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/20.jpg)
# cat /etc/puppet/hieradata/common.yaml---jenkins_key: AAAAB3NzaC1yc2EAAAADA......
# hiera -d jenkins_keyDEBUG: Hiera YAML backend startingDEBUG: Looking up jenkins_key in YAML backendDEBUG: Looking for data source commonDEBUG: Found jenkins_key in common
AAAAB3NzaC1yc2EAAAADAQAB...
![Page 21: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/21.jpg)
$ssh_key = hiera('jenkins_key')class { 'jenkins::slave':
jenkins_ssh_key => $ssh_key,}
![Page 22: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/22.jpg)
class { 'mysql::server':root_password => 'hunter2',
}
![Page 23: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/23.jpg)
# cat /etc/puppet/hieradata/common.yaml---...mysql_root_password: hunter2...
# hiera -d mysql_root_passwordDEBUG: Hiera YAML backend startingDEBUG: Looking up mysql_root_password in YAML backendDEBUG: Looking for data source commonDEBUG: Found mysql_root_password in common
hunter2
![Page 24: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/24.jpg)
$password = hiera('mysql_root_password')
class { 'mysql::server':root_password => $password,
}
![Page 25: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/25.jpg)
Questions?
![Page 26: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/26.jpg)
class graphite {if $::osfamily == 'RedHat' {
$pkgs = ['git','python-django','g++','sqlite3',]
...}
}
![Page 27: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/27.jpg)
Hiera• Hierarchy that is facter aware
• Defaults and overrides
![Page 28: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/28.jpg)
# cat /etc/puppet/hiera.yaml---:backends:
- yaml
:yaml::datadir: /etc/puppet/hieradata
:hierarchy:- "%{clientcert}/common"- "osfamily/%{osfamily}/common"- common
![Page 29: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/29.jpg)
# find /etc/puppet/hieradata../common.yaml./osfamily./osfamily/RedHat./osfamily/RedHat/common.yaml./osfamily/Debian./osfamily/Debian/common.yaml
![Page 30: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/30.jpg)
Conditional data in code
class { 'graphite':if $::osfamily == 'RedHat' {
$pkgs = ['git','python-django','g++','sqlite3',]
...}
}
![Page 31: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/31.jpg)
# cat osfamily/Debian/common.yaml---graphite::pkgs:
- graphite- python-django- virtualenv
![Page 32: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/32.jpg)
# cat osfamily/RedHat/common.yaml---graphite::pkgs:
- git- python-django- g++- sqlite3- sqlite3-devel- python26-virtualenv
![Page 33: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/33.jpg)
Hiera data# hiera graphite::pkgs osfamily=RedHat["git","python-django","g++","sqlite3","sqlite3-devel","python26-virtualenv"]
![Page 34: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/34.jpg)
# hiera graphite::pkgs osfamily=Debian["graphite", "python-django", "virtualenv"]
![Page 35: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/35.jpg)
# hiera graphite::pkgsnil
![Page 36: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/36.jpg)
class graphite {if $::osfamily == 'RedHat' {
$pkgs = ['git','python-django','g++','sqlite3',]
...}
}
![Page 37: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/37.jpg)
class graphite {$pkgs = hiera('graphite::pkgs')package { $pkgs:
ensure => latest,}
}
![Page 38: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/38.jpg)
Backends
• yaml, json
• file, ldap
• gpg, eyaml
• mysql, postgres, redis
![Page 39: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/39.jpg)
Pros
• Separation between data and code
• Secret storage
• Backends, integration with existingdatastores
• Some conditional logic irrelevant
• Puppet code sanitized
![Page 40: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/40.jpg)
Cons
• hard to figure out where things comefrom
• hiera-yaml can only support one datadirectory
• debugging
• public modules + hirea is unsolved
![Page 42: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/42.jpg)
User issues• Complicated hierarchy
• Runaway backends
• Latency/Load
• Architecture
![Page 43: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/43.jpg)
Positive note• Use hiera, its awesome
• Start with yaml
• Try and experiment, iterate
![Page 44: Puppet Camp Portland 2015: Introduction to Hiera (Beginner)](https://reader034.fdocuments.in/reader034/viewer/2022042607/55a3bcd21a28aba93a8b4669/html5/thumbnails/44.jpg)
Questions on Hiera