• Stars
    star
    295
  • Rank 140,902 (Top 3 %)
  • Language
    Ruby
  • License
    Other
  • Created over 13 years ago
  • Updated almost 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Lightweight Pluggable Hierarchical Database

Hiera

Build Status

A simple pluggable Hierarchical Database.

This project is deprecated in favor of Hiera version 5 which is implementation in Puppet.

Tutorials: Check the docs directory for tutorials.

Why?

Hierarchical data is a good fit for the representation of infrastructure information. Consider the example of a typical company with 2 datacenters and on-site development, staging etc.

All machines need:

  • ntp servers
  • sysadmin contacts

By thinking about the data in a hierarchical manner you can resolve these to the most correct answer easily:

     /------------- DC1 -------------\             /------------- DC2 -------------\
    | ntpserver: ntp1.dc1.example.com |           | ntpserver: ntp1.dc2.example.com |
    | sysadmin: [email protected]    |           |                                 |
    | classes: users::dc1             |           | classes: users::dc2             |
     \-------------------------------/             \-------------------------------/
                                \                      /
                                  \                  /
                           /------------- COMMON -------------\
                          | ntpserver: 1.pool.ntp.org          |
                          | sysadmin: "sysadmin@%{domain}"     |
                          | classes: users::common             |
                           \----------------------------------/

In this simple example machines in DC1 and DC2 have their own NTP servers, additionaly DC1 has its own sysadmin contact - perhaps because its a remote DR site - while DC2 and all the other environments would revert to the common contact that would have the machines domain fact expanded into the result.

The classes variable can be searched using the array method which would build up a list of classes to include on a node based on the hierarchy. Machines in DC1 would have the classes users::common and users::dc1.

The other environment like development and staging would all use the public NTP infrastructure.

This is the data model that extlookup() have promoted in Puppet, Hiera has taken this data model and extracted it into a standalone project that is pluggable and have a few refinements over extlookup.

Enhancements over Extlookup

Extlookup had just one backend, Hiera can be extended with your own backends and represent a few enhancements over the base Extlookup approach thanks to this.

Multiple backends are queried

If you have a YAML and Puppet backend loaded and your users provide module defaults in the Puppet backend you can use your YAML data to override the Puppet data. If the YAML doesnt provide an answer the Puppet backend will get an opportunity to provide an answer.

More scope based variable expansion

Extlookup could parse data like %{foo} into a scope lookup for the variable foo. Hiera retains this ability and any Arrays or Hashes will be recursively searched for all strings that will then be parsed.

The datadir and defaults are now also subject to variable parsing based on scope.

No CSV support by default

We have not at present provided a backward compatible CSV backend. A converter to YAML or JSON should be written. When the CSV backend was first chosen for Puppet the Puppet language only supports strings and arrays of strings which mapped well to CSV. Puppet has become (a bit) better wrt data and can now handle hashes and arrays of hashes so it's a good time to retire the old data format.

Array Searches

Hiera can search through all the tiers in a hierarchy and merge the result into a single array. This is used in the hiera-puppet project to replace External Node Classifiers by creating a Hiera compatible include function.

Qualified Key Lookup

You can use a qualified key to lookup a value that is contained inside a hash or array:

$ hiera user
{"name"=>"kim", "home"=>"/home/kim"}
$ hiera user.name
kim
$ hiera ssh_users
["root", "jeff", "gary", "hunter"]
$ hiera ssh_users.0
root

Use quotes to disable qualified key behavior

In case you have dotted keys and thus want to avoid using the qualified key semantics, you can put segments of a dotted key, or the whole key, within quotes.

Given the following data:

# yaml
a:
  b.c:
    d: 'Data for a => b.c => d'

it is possible to do a lookup of the data like this:

$ hiera 'a."b.c".d'
Data for a => b.c => d

Quoting works in interpolation expressions as well.

Interpolating from global scope:

# yaml
other.key: 'scope data: %{a."b.c".d}'

or using an interpolation method:

# yaml
a:
  b.c:
    d: 'Data for a => b.c => d'
other.key: 'hiera data %{hiera("a.''b.c''.d")}'

Note that two single quotes are used to escape a single quote inside a single quoted string (that's YAML syntax, not Hiera) and that the quoted key must be quoted in turn.

Future Enhancements

  • More backends should be created
  • A webservice that exposes the data
  • Tools to help maintain the data files. Ideally this would be Foreman and Dashboard with their own backends

Installation

Hiera is available as a Gem called hiera and out of the box it comes with just a single YAML backend.

Hiera is also available as a native package via apt (http://apt.puppetlabs.com) and yum (http://yum.puppetlabs.com). Instructions for adding these repositories can be found at http://docs.puppetlabs.com/guides/installation.html#debian-and-ubuntu and http://docs.puppetlabs.com/guides/installation.html#enterprise-linux respectively.

At present JSON (github/ripienaar/hiera-json) and Puppet (hiera-puppet) backends are availble.

Configuration

You can configure Hiera using a YAML file or by providing it Hash data in your code. There isn't a default config path - the CLI script will probably assume /etc/hiera.yaml though. The default data directory for file based storage is /var/lib/hiera.

A sample configuration file can be seen here:

---
:backends:
  - yaml
  - puppet

:logger: console

:hierarchy:
  - "sites/%{location}"
  - common

:yaml:
   :datadir: /etc/puppetlabs/code/hieradata

:puppet:
   :datasource: data

This configuration will require YAML files in /etc/puppetlabs/code/hieradata these need to contain Hash data, sample files matching the hierarchy described in the Why? section are below:

/etc/puppetlabs/code/hieradata/sites/dc1.yaml:

---
ntpserver: ntp1.dc1.example.com
sysadmin: [email protected]

/etc/puppetlabs/code/hieradata/sites/dc2.yaml:

---
ntpserver: ntp1.dc2.example.com

/etc/puppetlabs/code/hieradata/common.yaml:

---
sysadmin: "sysadmin@%{domain}"
ntpserver: 1.pool.ntp.org

Querying from CLI

You can query your data from the CLI. By default the CLI expects a config file in /etc/hiera.yaml but you can pass --config to override that.

This example searches Hiera for node data. Scope is loaded from a Puppet created YAML facts store as found on your Puppet Masters.

If no data is found and the facts had a location=dc1 fact the default would be sites/dc1

$ hiera acme_version 'sites/%{location}' --yaml /opt/puppetlabs/puppet/cache/yaml/facts/example.com.yaml

You can also supply extra facts on the CLI, assuming Puppet facts did not have a location fact:

$ hiera acme_version 'sites/%{location}' location=dc1 --yaml /opt/puppetlabs/puppet/cache/yaml/facts/example.com.yaml

Or if you use MCollective you can fetch the scope from a remote node's facts:

$ hiera acme_version 'sites/%{location}' -m box.example.com

You can also do array merge searches on the CLI:

$ hiera -a classes location=dc1
["users::common", "users::dc1"]

Querying from code

This is the same query programatically as in the above CLI example:

require 'rubygems'
require 'hiera'
require 'puppet'

# load the facts for example.com
scope = YAML.load_file("/opt/puppetlabs/puppet/cache/yaml/facts/example.com.yaml")

# create a new instance based on config file
hiera = Hiera.new(:config => "/etc/puppetlabs/code/hiera.yaml")

# resolve the 'acme_version' variable based on scope
#
# given a fact location=dc1 in the facts file this will default to a branch sites/dc1
# and allow hierarchical overrides based on the hierarchy defined in the config file
puts "ACME Software Version: %s" % [ hiera.lookup("acme_version", "sites/%{location}", scope) ]

Extending

There exist 2 backends at present in addition to the bundled YAML one.

JSON

This can be found on github under ripienaar/hiera-json. This is a good example of file based backends as Hiera provides a number of helpers to make writing these trivial.

Puppet

This is much more complex and queries the data from the running Puppet state, it's found on GitHub under ripienaar/hiera-puppet.

This is a good example to learn how to map your internal program state into what Hiera wants as I needed to do with the Puppet Scope.

It includes a Puppet Parser Function to query the data from within Puppet.

When used in Puppet you'd expect Hiera to log using the Puppet infrastructure, this plugin includes a Puppet Logger plugin for Hiera that uses the normal Puppet logging methods for all logging.

License

See LICENSE file.

Support

Please log tickets and issues at our JIRA tracker. A mailing list is available for asking questions and getting help from others. In addition there is an active #puppet channel on Freenode.

We use semantic version numbers for our releases, and recommend that users stay as up-to-date as possible by upgrading to patch releases and minor releases as they become available.

Bugfixes and ongoing development will occur in minor releases for the current major version. Security fixes will be backported to a previous major version on a best-effort basis, until the previous major version is no longer maintained.

For example: If a security vulnerability is discovered in Hiera 1.3.0, we would fix it in the 1 series, most likely as 1.3.1. Maintainers would then make a best effort to backport that fix onto the latest Hiera release they carry.

Long-term support, including security patches and bug fixes, is available for commercial customers. Please see the following page for more details:

Puppet Enterprise Support Lifecycle

MAINTAINERS

  • Thomas Hallgren
  • Henrik Lindberg

More Repositories

1

puppet

Server automation framework and application
Ruby
7,082
star
2

showoff

Don't just present; interact with your audience!
JavaScript
932
star
3

r10k

Smarter Puppet deployment
Ruby
800
star
4

facter

Collect and display system facts
Ruby
603
star
5

trapperkeeper

A services framework for Clojure / JVM applications.
Clojure
586
star
6

bolt

Bolt is an open source orchestration tool that automates the manual work it takes to maintain your infrastructure on an as-needed basis or as part of a greater orchestration workflow. It can be installed on your local workstation and connects directly to remote nodes with SSH or WinRM, so you are not required to install any agent software.
Ruby
459
star
7

puppetlabs-mysql

MySQL Puppet Module / Manifests + Types & Providers
Ruby
385
star
8

puppetlabs-apache

Puppet module for the Apache httpd server, maintained by Puppet, Inc.
Ruby
365
star
9

puppetlabs-stdlib

Puppet Labs Standard Library module
Ruby
350
star
10

puppetdb

Centralized Puppet Storage
Clojure
290
star
11

puppetserver

Server automation framework and application
Clojure
280
star
12

puppetlabs-firewall

Puppet Firewall Module
Ruby
269
star
13

puppetlabs-postgresql

Puppet module for managing PostgreSQL
Ruby
228
star
14

puppet-docs

Curated Puppet Documentation
HTML
223
star
15

pdk

The shortest path to better modules: Puppet Development Kit; Download:
Ruby
217
star
16

control-repo

A control repository template
Ruby
197
star
17

pupperware

Container fun time lives here.
Ruby
183
star
18

puppetlabs-concat

File concatenation system for Puppet
Ruby
171
star
19

puppet-vagrant-boxes

Veewee definitions for a set of generic vagrant boxes
Shell
153
star
20

puppetlabs-ntp

Puppet module to manage the NTP service
Ruby
145
star
21

puppetlabs-lvm

Puppet Module to manage LVM
Ruby
126
star
22

puppetlabs_spec_helper

A set of shared spec helpers specific to Puppetlabs projects
Ruby
121
star
23

best-practices

Best practice docs created by the Puppet Customer Success team
CSS
120
star
24

puppetlabs-packer

Packer templates to build images for vSphere
PowerShell
119
star
25

puppetlabs-java

Puppet Module to manage Java
Ruby
103
star
26

puppet-syntax-vim

Puppet language syntax highlighting for Vim
Vim Script
102
star
27

puppet-specifications

Specification of the Puppet Language, Catalog, Extension points
Ruby
97
star
28

vault-plugin-secrets-oauthapp

OAuth 2.0 secrets plugin for HashiCorp Vault supporting a variety of grant types
Go
94
star
29

puppetlabs-kubernetes

This module install and configures a Kubernetes cluster
Ruby
92
star
30

puppet-strings

The next generation Puppet documentation extraction and presentation tool.
Ruby
89
star
31

puppet_litmus

Providing a simple command line tool for puppet content creators, to enable simple and complex test deployments.
Ruby
88
star
32

puppetlabs-docker

The Puppet Docker repository
Ruby
87
star
33

cpp-hocon

A C++ port of the Typesafe Config library.
C++
83
star
34

education-builds

Bootstrap CentOS training VMs from scratch. Now with true versioning!
Ruby
82
star
35

puppet-vscode

Puppet Editing. Redefined.
TypeScript
79
star
36

vmpooler

Provide configurable 'pools' of instantly-available (running) virtual machines
Ruby
75
star
37

tasks-hands-on-lab

Deprecated: Please see http://bolt.guide to follow our Bolt tutorial!
Shell
73
star
38

puppetlabs-inifile

Resource types for managing settings in INI files
Ruby
70
star
39

hiera-puppet

Puppet function and data backend for Hiera
Ruby
60
star
40

leatherman

A collection of C++ and CMake utility libraries.
C++
57
star
41

puppet-rfc

Puppet RFC Repository
Ruby
55
star
42

puppetlabs-f5

Puppet Management of F5 Network Devices.
53
star
43

puppetlabs-puppetdb

A puppet module for installing and managing puppetdb
Ruby
52
star
44

relay

Event-driven workflows for DevOps automation
Go
52
star
45

puppetserver-helm-chart

The Helm Chart for Puppet Server
Mustache
51
star
46

puppetlabs-powershell

powershell provider for the Puppet exec resource type
Ruby
50
star
47

puppetlabs-rsync

rsync module
Ruby
49
star
48

puppet-agent

All of the directions for building a puppet agent package.
Ruby
48
star
49

homebrew-puppet

A tap for Puppet macOS package distribution
Ruby
45
star
50

pdk-templates

The main template repo for the Puppet Development Kit https://github.com/puppetlabs/pdk
HTML
43
star
51

docs-archive

An archive of old documentation for Puppet, PE, CD4PE, Pipelines, and their related components. No longer updated, for reference only.
HTML
42
star
52

puppet-editor-services

Puppet Language Server for editors
Ruby
41
star
53

puppetlabs-puppet_agent

Module for managing Puppet-Agent
Ruby
40
star
54

puppetlabs-tomcat

PuppetLabs Tomcat module
Ruby
38
star
55

kream

Kubernetes Rules Everything Around Me. A development environment for the Puppet/kubernetes module
Ruby
38
star
56

packaging

Packaging automation for Puppet software
Ruby
37
star
57

rubocop-i18n

RuboCop rules for detecting and autocorrecting undecorated strings for i18n (gettext and rails-i18n)
Ruby
36
star
58

nssm

Puppet fork of the NSSM source code from https://git.nssm.cc/nssm/nssm.git
C++
36
star
59

puppetlabs-java_ks

Uses a combination of keytool and openssl to manage entries in a Java keystore
Ruby
35
star
60

gatling-puppet-load-test

Scala
34
star
61

ruby-hocon

A Ruby port of the Typesafe Config library.
Ruby
34
star
62

netdev_stdlib

Netdev is a vendor-neutral network abstraction framework maintained by Puppet, Inc
Ruby
30
star
63

puppetlabs-sshkeys

Puppet Labs SSH Public Keys
Shell
30
star
64

puppetlabs-peadm

A Puppet module defining Bolt plans used to automate Puppet Enterprise deployments
Puppet
30
star
65

tasks-playground

Deprecated: Please check out https://bolt.guide to learn about Bolt, or see the project at https://github.com/puppetlabs/bolt
Shell
27
star
66

puppetlabs-node_encrypt

Encrypt secrets inside Puppet catalogs and reports
Ruby
27
star
67

structured-logging

Write data structures to your logs from clojure
Clojure
27
star
68

puppet-resource_api

This library provides a simple way to write new native resources for https://puppet.com.
Ruby
27
star
69

puppetlabs-reboot

Reboot type and provider
Ruby
26
star
70

vanagon

All of your packages will fit into this van with this one simple trick.
Ruby
26
star
71

vmfloaty

A CLI helper tool for Puppet vmpooler to help you stay afloat
Ruby
25
star
72

puppetlabs-registry

Puppet Module for managing the Windows Registry through custom types and providers
Ruby
25
star
73

puppet-syntax-emacs

Puppet language syntax highlighting for Emacs
Emacs Lisp
25
star
74

pxp-agent

PCP eXecution Protocol Agent
C++
22
star
75

puppetlabs-acl

ACL (Access Control List) module
Ruby
20
star
76

clj-i18n

Clojure i18n library and utilities
Clojure
20
star
77

puppetlabs-transition

Transition module
Ruby
20
star
78

puppetlabs-sslcertificate

Puppet module to manage SSL Certificates on WIndows Server 2008 and upwards
Ruby
20
star
79

puppetlabs-accounts

Account management module
Ruby
19
star
80

provision

Simple tasks to provision and tear_down containers / instances and virtual machines.
Ruby
19
star
81

cppbestpractices

Collection of C++ Best Practices at Puppet Labs
C++
19
star
82

clj-kitchensink

Library of utility functions for clojure
Clojure
19
star
83

jvm-ssl-utils

SSL certificate management on the JVM
Clojure
18
star
84

net_http_unix

AF_UNIX domain socket support on top of Ruby's Net::HTTP libraries
Ruby
18
star
85

design-system

A resource for creating user interfaces based on brand, UX, and dev principles
JavaScript
18
star
86

puppet-eucalyptus

Install and management tools for Eucalyptus built with Puppet
Puppet
17
star
87

puppet-classify

A ruby library to interface with the classifier service
Ruby
17
star
88

puppetdb-cli

PuppetDB CLI Tooling
Go
16
star
89

puppetlabs-rcfiles

Customizations for vim, shell, screen, ruby, etc... The goal is to quickly provide an efficient working environment.
Vim Script
16
star
90

puppetlabs-motd

Simple motd module
Ruby
16
star
91

relay-core

Kubernetes-based execution engine
Go
16
star
92

trapperkeeper-webserver-jetty9

Trapperkeeper webservice service (jetty9 implementation).
Clojure
16
star
93

clj-http-client

HTTP client library wrapping Apache HttpAsyncClient
Clojure
15
star
94

bolt-examples

Puppet
15
star
95

puppet-vro-starter_content

Shell
15
star
96

facter-ng

Collect and display system facts
Ruby
15
star
97

ruby-pwsh

A ruby gem for interacting with PowerShell
Ruby
15
star
98

cisco_ios

Cisco IOS Catalyst module
Ruby
14
star
99

learn-to-be-a-puppet-engineer

In this repository we map out skills that our PSE should have, we try link to existing documentation or blog posts, or if they don't exist, create it.
CSS
14
star
100

puppet-gatling-jenkins-plugin

A Jenkins plugin that extends the gatling library
HTML
14
star