Using example of Hiera NTP in puppet does not work

hierapuppet

I am currently trying to rebuild the example described here

The Problem is, that when I try to get the ntp::servers variable I get the following error, which I have problems with understanding.

hiera ntp::servers ::fqdn=debian

/usr/lib/ruby/vendor_ruby/hiera/backend.rb:18:in `[]': can't convert Symbol into Integer (TypeError)
from /usr/lib/ruby/vendor_ruby/hiera/backend.rb:18:in `datadir'
from /usr/lib/ruby/vendor_ruby/hiera/backend.rb:98:in `datasourcefiles'
from /usr/lib/ruby/vendor_ruby/hiera/backend/yaml_backend.rb:16:in `lookup'
from /usr/lib/ruby/vendor_ruby/hiera/backend.rb:206:in `block in lookup'
from /usr/lib/ruby/vendor_ruby/hiera/backend.rb:203:in `each'
from /usr/lib/ruby/vendor_ruby/hiera/backend.rb:203:in `lookup'
from /usr/lib/ruby/vendor_ruby/hiera.rb:60:in `lookup'
from /usr/bin/hiera:225:in `<main>'

I considering the torubleshooting bulletpoints

  • Your hiera.yaml file matches the example we provided
  • You’ve put a symlink to hiera.yaml where the command line tool expects to find it (/etc/hiera.yaml)
  • You’ve saved your kermit.example.com data source file with a .yaml extension
  • Your data source file’s YAML is well formed
  • You restarted your puppet master if you modified hiera.yaml

My /etc/puppet/hiera.yaml. (a bit different, but it should also work)

:backends:
  - yaml
  - puppet
:yaml:
  - :datadir: /etc/puppet/hieradata
:puppet:
  - :datadir: data
:hierarchy:
  - "node/%{::clientcert}"
  - "%{::environment}"
  - common

Symlink is correct

ls -l /etc/hiera.yaml 
lrwxrwxrwx 1 root root 22 Sep 15 15:33 /etc/hiera.yaml -> /etc/puppet/hiera.yaml

My example file: /etc/puppet/hieradata/node/debian.yaml

ntp::restrict:
  -
ntp::autoupdate: false
ntp::enable: true
ntp::servers:
  - 0.us.pool.ntp.org iburst
  - 1.us.pool.ntp.org iburst
  - 2.us.pool.ntp.org iburst
  - 3.us.pool.ntp.org iburst

I do not exactly which tools to use to check if the YAML was welformed. I copied it from the website, so I asume it is ok.

The Puppetmaster was also restarted to be sure.

So what could be the problem with the error the hiera tool gives me?

Best Answer

You have chosen the more secure path of using %{::clientcert} instead of %{::fqdn}, which is commendable. But make sure to supply a value for that rather than ::fqdn=debian when performing the lookup.

Furthermore, rather than :datadir, the puppet backend has a :datasource option (see the docs).

I recommend removing the puppet backend for the time being. Add it if you find you really need it. Most users won't.

Related Topic