Puppet Hiera Tutorial – Beginners Guide

pupppet hiera

When you write a puppet module, you might not want to put all the data in to the module because all the module developers might want access to that data. So, It is a good practice to separate the data from the code. This can be achieved using Hiera.

Note: This tutorial is based on puppet enterprise.

Puppet Hiera Tutorial

In this puppet hiera tutorial you will learn the basics of hiera and how to use it in puppet modules.

Hiera is a key value lookup tool which holds all the data that has to be dynamically placed in a module. You can store usernames, passwrod, DNS server details, ldap server details etc. Moreover, you can encrypt the data in hiera for security. Hiera resides in the puppet server for global access unless the client is operating in masterless setup. In that case, it resides in the client itself.

Hiera Configuration File

Hiera comes bundles with puppet enterprise, so you don’t have to install it separately but you might want to change its configuration to suit your needs.

The hiera configuration file resides in “/etc/puppetlabs/code” directory. It is yaml file named “hiera.yml”

A normal configuration file looks like the following.

---
:backends:
  - yaml
  - json
:yaml:
  :datadir: /etc/puppetlabs/code/environments/%{::environment}/hieradata
:json
  :datadir: /etc/puppetlabs/code/environments/%{::environment}/hieradata
:hierarchy:
  - "node/%{::fqdn}"
  - common

:backends – Hiera supports yaml, json and puppet class backends.

:datadir – The location where you place your hieradata. In the above code snippet, you can see a interpolated string “%{::environment}”. This is to dynamically select an environment in case you have different environments specified in the puppet server. By doing do, you can access the environment specific hiera data.

If you use both yaml and json data directories, you need to specify both as shown in the above code snippet.

:hierarchy This represents the folder and file hirearchy inside the “:datadir” i.e, hieradata folder. You can use interpolation to dynamically pass the file name.

Creating Hiera Data files

Hiera data files could be yaml or json files as mentioned above. All the data files will reside inside the “hieradata” folder in respective environments.

You can keep all the deafult values under common.yaml file in hieradata fodler. For example,

/etc/puppetlabs/code/environments/%{::environment}/hieradata/common.yaml

If you have any node specific data, you can have the hierarchy as follows.

/etc/puppetlabs/code/environments/%{::environment}/hieradata/nodes/mynode.example.com

A sample YAML based configuration file is shown below. You can have all the value in key value fashion. You also nest data elements if neccessary.

---
ldap_servers:
  - 10.132.17.196
  - 10.132.17.195

users:
  joe:
    home: '/home/joe'
  jenkins:
    password: 'mysecret'

Accessing Hiera Data using CLI

Once you have the hiera data ready in the puppet server, you can check the values using hiera CLI.

To access the value , just use the hiera command with the key as shown below.

hiera ldaps_ervers

If you have used interpolation in the “:datadir” configuration, You should add the parameters as shown below.

 hiera ldap_servers ::environment=production

If you want access the value for a key from a yaml file which is high hierarchy, you need to specify that in the lookup. Otherwise it will return the value from the common.yaml file.

A high hirearchy lookup, for example, a data source from hieradata/node/mynode.example.com.yaml will look like the following.

hiera ldap_server node=test

Accessing Hiera Data From Modules

Accessing data hiera data from module is relatively easy. Use the following syntax in your module to access the data directly.

$ldapservers = hiera("ldap_servers")

$ldapserver is just a puppet variable. You can substitute hiera without assigning it to a variable.

If you want to get all the ldap_servers value in the hierarchy in an array, you can use the following syntax.

$ldapservers = hiera_array("ldap_servers")

Hiera Arguments

While accessing hiera data through modules, you cat set a default value to use if hiera returns nil. It has the following syntax.

$ldapservers = hiera_array("ldap_servers","10.32.34.45")
3 comments
  1. Hello,

    I am facing issue with my hiera, please help to solve this,

    1) hiera path : /etc/puppetlabs/puppet/hiera.yaml and its content

    ====================================================
    version: 5
    defaults:
    datadir: /etc/puppetlabs/code/hieradata/nodes/%{::environment}/
    data_hash: yaml_data
    hierarchy:
    path: “/etc/puppetlabs/code/hieradata/nodes/%{::environment}/%{trusted.certname}.yaml”
    ============================================================

    2) The data path /etc/puppetlabs/code/hieradata/nodes/ is having two folder with names
    * staging
    * production,
    3) In each folder i have created yaml files like below
    * puppet7.demo.com.yaml

    and its contents is below
    ===============================================

    #YAML CONFIGURATION
    company::configuration::phpini::memory_limit: “32”
    ===============================================

    4) but my remote server puppet7.demo.com is not able to detect the hiera values, and changes being deployed when i run

    /opt/puppetlabs/bin/puppet agent –test

    Please suggest what i am missing, it would be really helpful. I have wasted my couple of days for hiera.

    Thanks & Regards
    Sushil.R

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like