I am currently working on a project that has a reasonable amount of complex data in stored in hiera. For security we are using eyaml with AWS KMS encryption to secure the data.
The data is hierarchical and moves from the generic to the specific and is merged together within puppet by using hiera hashes. The problem is that when this configuration is mis-configured (i.e. missing or invalid key) the output from hiera/puppet is not particularly helpful.
If you add the –trace command to your puppet command such as this:
puppet apply my_manifest.pp --verbose --debug --trace
This will give you the stack trace of the command where it failed. You can then add the appropriate ruby “puts” statements to increase the debugging and this should hopefully allow you to more accurately diagnose the issue.comments powered by Disqus