The Complete Hiera Course: A Puppet Masterclass

Historically managing data in Puppet was tedious and complex, in this section we look at the problem of managing data in Puppet.

An introduction to Hiera where we look at the history of Hiera and discuss its core strengths and features

Data separation is fundamental to maintaining shareable and re-usable Puppet modules, in this section we look at the concepts and benefits of data separation

This course uses a working environment based on Vagrant to provide you with the tools you need to follow along to the interactive demos throughout the course, this section will explain how the training environment is set up and guide you through the setup of your working environment.

This section looks at Hieras main configuration file, hiera.yaml.  We will look at where this file should be located and the main configuration stanzas of the file.  We will look closely at some of the most common configuration options in order to construct a basic hierarchy for data lookups

In this section you can follow along as we create a hiera.yaml file on our training environment to construct a minimal viable hierarchy that we will build on later

We will discuss the three different ways that we can use Hiera to lookup data, through the CLI, Puppet code and data bindings, and we will look at what a key value pair stored in Hiera consists of

Now we've added data to Hiera we will look at the simplest way to query the data using the puppet lookup command on the CLI

In this lecture we take our first look at looking up Hiera data directly from Puppet code, using the lookup function.

We cover the concepts of automatic data bindings within Puppet, where class parameters are automatically looked up from Hiera.  We will then use Hiera to configure the motd Puppet module using this feature

We will look at how we can use facts to construct dynamic hierarchies that can be used to override data values

In this video we walk through constructing our own dynamic hierarchy using facts in hiera.yaml

In order to demonstrate hierarchical lookups effectively, we're going to be spinning up a second VM in our Vagrant environment.   This video will walk you through the steps so you can emulate the same environment, if you do not have enough resources to run two VMs then you can use the existing Puppet VM you already have running.

Now we've got a working set up with two VM's we walk through how to use Hiera to override keys in the hierarchy and demonstrate the concept of hierarchical lookups in practice.

We will look at how we can interpolate facts and other variables into Hiera data, then we will walk through using two facts to add dynamic content to the key we previously created

We will discuss Hiera functions and how to incorporate them into your Hiera data

In this lecture we look briefly at escaping characters in Hiera data using the literal function, and conclude with some cautionary notes about Hiera function usage.

In this section we look at times when we want Hiera to cascade through a hierarchy and merge the results, and we look at the various options available to do this.

We look at the first type of merge behaviour called unique, which we use to cascade through the hierarchy and merge strings or arrays across the hierarchy

We looked at the unique merge type for handling strings and arrays, in this section we look at how to handle merging hashes within our hierarchy and the difference between the hash and deep merge types.

So far we've looked at controlling lookup behaviour using --merge on the command line, in this section we explore a feature of Hiera called lookup_options that allows us to set merge behaviour directly from the Hiera data

To begin to understand data in modules we first look at how the popular params.pp pattern came into existence and what problems it aimed to solve.

To understand how data in modules works we first need to look at the three levels of configuration hierarchy, where we can define hiera configuration at a global level, per Puppet environment and inside a module itself.

In this video we dig down into one of the modules we have installed in our training environment to see how it uses data in modules to set dynamic module defaults instead of the legacy params pattern within code.

With Hiera we can use the popular Eyaml plugin to handle encryption and decryption of our secret data.  In this lecture we will introduce you to the Eyaml and how it solves the problem of secret data management in Hiera

We will look at how to install and upgrade eyaml and then review the eyaml command that is installed

Before we can use Eyaml we must first create a private and public keypair.  In this section we'll take our first steps with Eyaml and create the keys needed for encryption and decryption

Here we will take a look at where Eyaml looks for configuration files and cover the basic configuration directives that we will need.

In this section we will look at the eyaml encrypt command and learn how to use eyaml to encrypt strings and files on the command line

We looked previously at encrypting data on the command line, here we look at how to decrypt data using the eyaml decrypt command

Here we learn how to use the eyaml edit command to edit files with decryption done inline within the file, we then use this command to add our first encrypted data to Hiera.

Now we've covered the core concepts of Eyaml, we will now tie everything together by learning how to configure Hiera to use the Eyaml backend and use puppet lookup to query secret data from Hiera and obtain the decrypted string