1. Copyright example42 GmbH - 2016
Puppet 4 - Data in Modules
PuppetCamp Paris 2016
Martin Alfke - ma@example42.com
Image: Tatlin - tatlin.net
Copyright example42 GmbH - 2016
2. Copyright example42 GmbH - 2016
Martin Alfke
!
Berlin/Germany
!
CEO example42 GmbH
Freelance Puppet Expert
Network
!
Puppet since 2007
!
Puppet Trainer, Consultant
!
Co-Author of “Puppet 4
Essentials”
3. Copyright example42 GmbH - 2016
Puppet 4
Data in Modules
• Separation of Code and Data
• Data in Modules
• Lookup Priority
• Data in Component Modules
• Data in Environments
5. Copyright example42 GmbH - 2016
Separation of
Code and Data
• data in code
class my_ntp {!
!if $::environment == ‘dev’ {!
$ntp_server = [‘pool.ntp.org’]!
} else {!
if $::facts[‘fqdn’] == ‘ntp1.example42.com’
{!
# switch back to ntp1 when issue is solved!
$ntp_server = [‘ntp2.example42.com’]!
} else {!
$ntp_server = [‘127.0.0.1’]!
}!
}!
6. Copyright example42 GmbH - 2016
Separation of
Code and Data
• explicit lookup
• hiera(‘key’[, ‘default’][, ‘override hierarchy’])
7. Copyright example42 GmbH - 2016
Separation of
Code and Data
• implicit lookup
class my_ntp (!
!Array $ntp_server,!
) {!
!# …!
}!
!
contain my_ntp!
!
# hiera data!
my_ntp::ntp_server:!
- ‘pool.ntp.org’!
8. Copyright example42 GmbH - 2016
Separation of
Code and Data
• hiera.yaml
# version 1!
:backends:!
- yaml!
:yaml:!
:datadir: “/etc/puppetlabs/code/
environments/%{environment}/hieradata”!
:hierarchy:!
- “nodes/%{::trusted.certname}”!
- “os/%{::facts[‘os’][‘osfamily’]}”!
- common!
9. Copyright example42 GmbH - 2016
Separation of
Code and Data
• hieradata
os/Debian.yaml
apache::pkgname:!
- ‘apache2’!
- ‘apache2-ssl’!
!
os/RedHat.yaml
apache::pkgname:!
- ‘httpd’!
!
common.yaml
apache::purge_configs: true!
10. Copyright example42 GmbH - 2016
Separation of
Code and Data
• hieradata
os/FreeBSD.yaml
apache::pkgname:!
- ‘apache’!
11. Copyright example42 GmbH - 2016
Separation of
Code and Data
• puppet code
# apache/manifests/params.pp
class apache::params {!
case $::operatingsystem {!
‘Debian’: { # … }!
‘RedHat’: { # … }!
default: {!
fail(‘OS not supported’)!
}!
}!
}!
22. Copyright example42 GmbH - 2016
Data Provider
• none -> standard hiera lookup
!
• hiera -> hiera lookup (hiera v4)
!
• function -> data function lookup
23. Copyright example42 GmbH - 2016
Data Provider
Hiera
• replace hiera, hiera_array, hiera_hash with ‘lookup’
• needs hiera.yaml v4 configuration file
• set data_provider to ‘hiera’ in puppet.conf,
environment.conf or metadata.json
• modify global hiera.yaml to use datadir outside
environment
25. Copyright example42 GmbH - 2016
Data Provider
Function
• write data function
• Puppet 4 Function
• <module>/functions/<module>/data.pp
• <env>/functions/<env>/data.pp
• set data_provider to function in puppet.conf,
environment.conf or metadata.json
27. Copyright example42 GmbH - 2016
Data Provider
Function
• write data function
• Ruby Function (Puppet 4 function API)
• <module>/lib/puppet/functions/<module>/
data.rb
• <env>/lib/puppet/functions/<env>/data.rb
• set data_provider to function in puppet.conf,
environment.conf or metadata.json
28. Copyright example42 GmbH - 2016
Data Provider
Function - Ruby
# ntp/lib/puppet/functions/ntp/data.rb
Puppet::Functions.create_function(:’ntp::data’) do!
def base_data()!
{ ‘ntp::ntpservers’ => [‘pool.ntp.org’], }!
end!
def os_data()!
case Facter.value(:os)[‘family’]!
when ‘Debian’!
{ ‘ntp::pkgname’ => ‘ntpd’, }!
else!
{}!
end!
def data()!
self.base_data.merge!(self.os_data)!
end!
end
30. Copyright example42 GmbH - 2016
Data in Component Modules
• add data provider to metadata.json
• provide OS defaults
• remove params.pp / remove inheritance
• allow users to overwrite any data
33. Copyright example42 GmbH - 2016
Data in Environments
• old hiera replacement
• add hiera.yaml to environment base path
• overwrite data from modules, roles & profiles
37. Copyright example42 GmbH - 2016
Summary - Pro
• Per hierarchy Hiera Data backend possible
• Data Function lookups without need for hiera
backend (e.g. Cloud Management API data)
• No more inheritance required
38. Copyright example42 GmbH - 2016
Summary - Con
• No single Source of Authority?
• Debugging can be complex when iterating over
many data providers and hierarchies
39. Copyright example42 GmbH - 2016
Module Developers
• switch to data in modules
• give users the possibility to provide own data
• allow users to overwrite any data
• allow users to know their data for missing OS
support
40. Copyright example42 GmbH - 2016
Module Users
• switch to hieradata in modules
then
• switch to data in environments
• keep data simple and readable
• don’t overcomplicate !