terrarum

Introduction

Hiera is a hierarchical database for Puppet. Using a database with Puppet helps remove site-specific data from your manifests, ultimately making them more generic and portable.

A hierarchical database allows you to specify a set of data repositories, each one becoming more and more specific to a node. This allows you to publish common data that all nodes should see in one repository, and work your way to data that should only be seen by a node.

This article describes how I use Hiera.

• Introduction
• Hierarchies
  • common
  • location
  • environment
• Hiera Backends
• Hiera 1.3 and Interpolation
• Conclusion

Hierarchies

For most environments, I use two hierarchies. My /etc/puppet/hiera.yaml file includes:

:hierarchy:
  - %{fqdn_underscore}
  - common

For more complicated environments, I extend this with a location and environment:

:hierarchy:
  - %{fqdn_underscore}
  - %{environment}
  - %{location}
  - common

common

The common hierarchy contains settings that should be visible to all nodes. Usually there's not a lot of data here – just the location of the Puppet Master and a root email alias.

location

location defines a physical data center where the node is located. I use facter-dot-d for this:

$ cat /etc/facter/facts.d/location.txt
location=honolulu

environment

environment defines whether the node is part of Production or Sandbox environment. For example, I use this to define different settings for a Production OpenStack installation or a Sandbox installation. This way, the same manifests can be used for both, just the site-specific details are changed.

This is another facter-dot-d variable:

$ cat /etc/facter/facts.d/environment.txt
environment=sandbox

Hiera Backends

Hiera is able to read from a few basic data sources. I previously used the Puppet backend extensively but have since switched to standard YAML. The reasons for this is because YAML handled nested hashes better than Puppet and the YAML backend allowed use of the hiera commmand-line tool.

To use the YAML backend, I have the following in my /etc/puppet/hiera.yaml:

---
:backends:
  - yaml

:yaml:
  :datadir: /etc/puppet/modules/site/data

This configures Puppet to look in the site/data subdirectory of my site module for hiera settings.

Here's an example of common.yaml:

---
puppet_server: 'puppet.example.com'

And here's an example for a specific node, such as www.example.com:

---
mysql_root_password = 'foobarbaz'
mysql_bind_host     = '0.0.0.0'

Hiera 1.3 and Interpolation

Hiera 1.3 was recently released. The notable feature about this release is the ability to reference other YAML values inside the data source:

---
mysql_server   = 'mysql.example.com'
sql_connection = "mysql://user:password@%{hiera('mysql_server')}/db"

Conclusion

Hiera is an awesome part of Puppet that allows you to easily store all of your site-specific data in a central location. This article showed how I personally use it.