问题
I am trying to figure out how to use hiera for setting the values for class parameters. I am testing things out with two simple classes: testhiera and testhiera2
Here are those classes:
[root@puppet-el7-001 modules]# cat testhiera/manifests/init.pp
class testhiera (
$haproxy_cert_content = 'unknown' ,
) {
notify {"cert is $haproxy_cert_content":}
}
[root@-puppet-el7-001 modules]# cat testhiera2/manifests/init.pp
class testhiera2 (
$haproxy_cert_content = 'unknown' ,
) {
notify {"number two cert is $haproxy_cert_content":}
}
here is my /etc/puppletlabs/puppet/hiera.yaml file
---
:backends:
- yaml
:hierarchy:
- defaults
- "%{clientcert}"
- "%{environment}"
- global
:yaml:
# datadir is empty here, so hiera uses its defaults:
# - /var/lib/hiera on *nix
# - %CommonAppData%\PuppetLabs\hiera\var on Windows
# When specifying a datadir, make sure the directory exists.
:datadir: /root/puppetmaster/hiera/ost-el7
and I have this file /root/puppetmaster/hiera/ost-el7/defaults.yaml
a side question: Do I have to name the file "defaults.yaml"? How could I use another file name?
---
testhiera::haproxy_cert_content: "\n
-----BEGIN CERTIFICATE-----\n
blah blah blha\n
-----END RSA PRIVATE KEY-----\n
blah blah blha\n
-----BEGIN CERTIFICATE-----\n
blah blah blha\n
-----END CERTIFICATE-----\n
"
When I execute my puppet classes like so ...
# puppet apply -e 'include testhiera'
... I get the expected output:
Notice: Compiled catalog for puppet-el7-001.cisco.com in environment production in 0.08 seconds
Notice: cert is
-----BEGIN CERTIFICATE-----
blah blah blha
-----END RSA PRIVATE KEY-----
blah blah blha
-----BEGIN CERTIFICATE-----
blah blah blha
-----END CERTIFICATE-----
Notice: /Stage[main]/Testhiera/Notify[cert is
-----BEGIN CERTIFICATE-----
blah blah blha
-----END RSA PRIVATE KEY-----
blah blah blha
-----BEGIN CERTIFICATE-----
blah blah blha
-----END CERTIFICATE-----
]/message: defined 'message' as 'cert is
-----BEGIN CERTIFICATE-----
blah blah blha
-----END RSA PRIVATE KEY-----
blah blah blha
-----BEGIN CERTIFICATE-----
blah blah blha
-----END CERTIFICATE-----
'
Notice: Finished catalog run in 0.17 seconds
My question is what is the best way to get thehaproxy_cert_content data to the testhiera2 class? Do I have to change my defaults.yaml file to look like this ...
---
testhiera::haproxy_cert_content: "\n
-----BEGIN CERTIFICATE-----\n
blah blah blha\n
-----END RSA PRIVATE KEY-----\n
blah blah blha\n
-----BEGIN CERTIFICATE-----\n
blah blah blha\n
-----END CERTIFICATE-----\n
"
testhiera2::haproxy_cert_content: "\n
-----BEGIN CERTIFICATE-----\n
blah blah blha\n
-----END RSA PRIVATE KEY-----\n
blah blah blha\n
-----BEGIN CERTIFICATE-----\n
blah blah blha\n
-----END CERTIFICATE-----\n
"
... basically just cut--n-pasting the lines and changing the testhiera to testhiera2?
I hope someone can show me a better way to do this.
Thanks
回答1:
In Hiera you can reuse already defined variables by using hiera lookup funcion. In your example it will be:
testhiera2::haproxy_cert_content:"%{hiera('testhiera::haproxy_cert_content')}"
For side question: Hiera will look up for variables in files in the same order as provided in hiera.yaml. (reading about hiera hierarchy) So in your configuration, first it will check file defaults.yaml. If it will not find defined variable there it will try to evaluate variable clientcert and look in file value_of_clientcert.yaml, next in file value_of_environment.yaml and at the end in global.yaml.
You don't have to name the file defaults.yaml. Everything that will match hiera configuration, according to description above, will be good.
*BTW, if you are using facter facts in hiera hierarchy put :: before the name of variable, so %{::facter_fact}.
来源:https://stackoverflow.com/questions/28555303/using-hiera-to-set-class-parameters