I am failing at Hiera/Host Parameters

Support
1

I’m trying to understand how heira/Host parameters should work in forman and making a complete mess of it, essentially what I want to do is configure the wireguard module with part of the config based on the host itself and part of the config based on the hostgroup so that I only need to define the peers in one place.

I managed to get it to work once on a standalone puppet 5 server using common.yaml, but I don’t really want the wireguard configuration in common.yaml because i could have a situation where I want wireguard but I don’t want the common peer configuration.

At the moment my Hiera (In Environment production) looks like this

   --- 
defaults: 
  data_hash: yaml_data
  datadir: data
hierarchy: 
  - 
    name: "Per-node data"
    path: "nodes/%{trusted.certname}.yaml"
  -
    name: "load hostgroup"
    path: "hostgroup/%{kt_org}/%{hostgroup}"
  - 
    name: "Per-OS defaults"
    path: "os/%{facts.os.family}.yaml"
  - 
    name: "Common data"
    path: common.yaml
version: 5

I don’t think that hostgroup part works, I would expect it to be looking at

/etc/puppetlabs/code/environments/production/data/hostgroup/Dragons/All/wgmesh.yaml or
/etc/puppetlabs/code/environments/production/data/hostgroup/Dragons/All/wgmesh

Where my Org is called Dragons (renamed from the default) and the hostgroup is nested group of All/wgmesh

The node definition in Yaml contains

wireguard::interfaces:
    'wg99':
     listen_port: 55555
     address: '10.0.xxx.1/24'
     private_key: ‘removed’

The common bit (Common.yaml) I had working on standalone puppet was as follows

lookup_options:
  wireguard::interfaces:
    merge:
      strategy: deep
      merge_hash_arrays: true

wireguard::interfaces:
    'wg99':
     peers:
     -
      PublicKey: ‘peers key’
      AllowedIPs: ‘1.2.3.4’
      Endpoint: ‘2.3.4.2:8080’
      PersistentKeepalive: 300
     -
      PublicKey: ‘peers key’
      AllowedIPs: '10.0.xxy.0/24'
      Endpoint: ‘7.11.3.1:1112'

This is puppet 6 on centos with foreman 1.23 (installed yesterday).

I did try to use paramaters in the webUI (both smart class and host paramaters but all I succeeded in doing was breaking the host’s configuration)

2

I figured out why it wasn’t working in common.yaml on the foreman server, that was because I missed the lookup_options: line when I’d copied it in.

If I could get it working using the hostgroup instead of common then that would be good,

If I could get it working with the configuration defined in the foreman UI rather than hiera that would be even better.

3

Right this seems to work, the pervious one was based off an example I’d seen for satellite 6, but after taking a break and actually stopping to think I realised I was being a complete idiot because I don’t have Katello, so there’s not likely to be any katello based facts.

--- 
defaults: 
  data_hash: yaml_data
  datadir: data
hierarchy: 
  - 
    name: "Per-node data"
    path: "nodes/%{trusted.certname}.yaml"
  -
    name: "load hostgroup"
    path: "hostgroup/%{::organization}/%{::hostgroup}.yaml"
  - 
    name: "Per-OS defaults"
    path: "os/%{facts.os.family}.yaml"
  - 
    name: "Common data"
    path: common.yaml
version: 5

Also the lookup options has to be correctly set or puppet won’t merge in lower level definitions.

It would be nice if I could get this working via the Foreman web frontend but it’s not world-ending if I can’t

4

Foreman is typically deployed as an ENC as documented. I’m working on an update for this but the basics aren’t that different. Recently I also added a lookup function which brings it natively in hiera but that’s aimed at advanced users who know what they’re doing since there’s minimal documentation. Contributions welcome of course :slight_smile: