Chapter 11. Separating Data from Code
When using modules, it’s important to separate the code from the input data. A module written for a single target node may work fine with explicit data within the code; however, it won’t be usable on other systems without changes to the code.
If the data resides within the code, you’ll find yourself constantly going back to hack if
/else
conditions into the code for each necessary difference. I’m sure you’ve done this before, or may even have to do this now to maintain scripts you use today. This chapter will introduce a better way.
Moving the data (values) out of the code (manifest) creates reusable blocks of code that can implement configurable, data-driven policy.
Introducing Hiera
Hiera is a key/value lookup tool for configuration data. Puppet uses Hiera to dynamically look up configuration data for Puppet manifests.
Hiera allows you to provide node-specific data to a Puppet module to create a customized policy for the node. Hiera utilizes a configurable hierarchy of information that allows you to tune Hiera appropriately for how information is structured within your organization.
For example, at a small company, you may organize your data in this way:
- Company-wide common data
- Operating system–specific changes
- Site-specific information
A much larger organization might have a hierarchy such as the following:
- Enterprise-level common data
- Company specifics
- Division overrides
- Production/staging/QA/development
- Region (US, EU, Asia)-specific ...
Get Learning Puppet 4 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.