Puppet Hiera Tutorial – Beginners Guide

pupppet hiera
When you write a puppet module, you might not want to put all the data in to the module because all the module developers might want access to that data. So, It is a good practice to separate the data from the code. This can be achieved using Hiera.

Note: This tutorial is based on puppet enterprise.

Puppet Hiera Tutorial

In this puppet hiera tutorial you will learn the basics of hiera and how to use it in puppet modules.

Hiera is a key value lookup tool which holds all the data that has to be dynamically placed in a module. You can store usernames, passwrod, DNS server details, ldap server details etc. Moreover, you can encrypt the data in hiera for security. Hiera resides in the puppet server for global access unless the client is operating in masterless setup. In that case, it resides in the client itself.

Hiera Configuration File

Hiera comes bundles with puppet enterprise, so you don’t have to install it separately but you might want to change its configuration to suit your needs.

The hiera configuration file resides in “/etc/puppetlabs/code” directory. It is yaml file named “hiera.yml”

A normal configuration file looks like the following.

:backends – Hiera supports yaml, json and puppet class backends.

READ  Chef Cookbook Testing Tutorial - Getting Started Guide

:datadir – The location where you place your hieradata. In the above code snippet, you can see a interpolated string “%{::environment}”. This is to dynamically select an environment in case you have different environments specified in the puppet server. By doing do, you can access the environment specific hiera data.

If you use both yaml and json data directories, you need to specify both as shown in the above code snippet.

:hierarchy This represents the folder and file hirearchy inside the “:datadir” i.e, hieradata folder. You can use interpolation to dynamically pass the file name.

Creating Hiera Data files

Hiera data files could be yaml or json files as mentioned above. All the data files will reside inside the “hieradata” folder in respective environments.

You can keep all the deafult values under common.yaml file in hieradata fodler. For example,

If you have any node specific data, you can have the hierarchy as follows.

A sample YAML based configuration file is shown below. You can have all the value in key value fashion. You also nest data elements if neccessary.

Accessing Hiera Data using CLI

Once you have the hiera data ready in the puppet server, you can check the values using hiera CLI.

READ  Understanding Continuous Integration, Delivery and Deployment

To access the value , just use the hiera command with the key as shown below.

If you have used interpolation in the “:datadir” configuration, You should add the parameters as shown below.

If you want access the value for a key from a yaml file which is high hierarchy, you need to specify that in the lookup. Otherwise it will return the value from the common.yaml file.

A high hirearchy lookup, for example, a data source from hieradata/node/mynode.example.com.yaml will look like the following.

Accessing Hiera Data From Modules

Accessing data hiera data from module is relatively easy. Use the following syntax in your module to access the data directly.

$ldapserver is just a puppet variable. You can substitute hiera without assigning it to a variable.

If you want to get all the ldap_servers value in the hierarchy in an array, you can use the following syntax.

Hiera Arguments

While accessing hiera data through modules, you cat set a default value to use if hiera returns nil. It has the following syntax.

Free DevOps Resources

Get DevOps news, tutorials and resources in your inbox. A perfect way If you want to get started with devops. Like you, we dont like spam.


  1. George Vieira Reply

    ‘It is yaml file named “hiera.yml”’
    I think the .yml was meant to be .yaml

Leave a Reply

Your email address will not be published. Required fields are marked *