{"id":235,"date":"2015-05-15T17:48:00","date_gmt":"2015-05-15T17:48:00","guid":{"rendered":"https:\/\/questy.org\/?p=235"},"modified":"2024-09-26T19:03:52","modified_gmt":"2024-09-26T19:03:52","slug":"organizing-your-hierarchy-equals-pain","status":"publish","type":"post","link":"https:\/\/questy.org\/index.php\/2015\/05\/15\/organizing-your-hierarchy-equals-pain\/","title":{"rendered":"Organizing Your Hierarchy Equals Pain"},"content":{"rendered":"\n<p><strong>The Pain Point<\/strong><\/p>\n\n\n\n<p>One would think after reading Gary Larizza\u2019s blog that I wouldve come away with the idea that Hiera presents a few issues as it solves a ton\u2026 but no. I had to go and think it was easy, fly off half-cocked and try and tackle a big issue or two, unprepared mind you, and here I am\u2026 re-discovering what humility should be like.<\/p>\n\n\n\n<p><strong>The Problem<\/strong><\/p>\n\n\n\n<p>Hiera looks simple. Disarmingly simple. However, the pain doesn\u2019t come in just looking at a nice, default hiera.yaml:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td>1 <br>2<br>3<br>4<br>5<br>6<br>7<br>8<br>9<\/td><td>:backends:<br>  &#8211; yaml<br>:hierarchy:<br>  &#8211; \u201c{clientcert}\u201d<br>  &#8211; \u201c%{environment}\u201d<br>  &#8211; common<br>:yaml:<br> :datadir:\u201c\/etc\/puppetlabs\/puppet\/environments\/%{environment}\/hieradata\u201d<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p>We can simply look at this and see the wonderful simplicity of how the yaml file is laid out, the ease of adding more hierarchies from which to gain data, and even expand the model to include subdirectories and all sorts of interesting methods of organizing and abstracting our code into usable, organized chunks.<\/p>\n\n\n\n<p>Not so fast.<\/p>\n\n\n\n<p>The real issues begin when you\u2019re dealing with a customer. All too often I find that even they aren\u2019t entirely sure what\u2019s going on in their very own environment, and pushed hard, will actually argue among themselves as to just how everything works. Scary.<\/p>\n\n\n\n<p>The main thing we find ourselves doing is figuring out that last mile\u2026 What precisely is the role of machine X in this environment? Ask two people separate from each other, and they\u2019ll likely give different (sometimes remarkably so) answers. Get them together and they may quibble a bit, but generally get to consensus.<\/p>\n\n\n\n<p>This is REALLY, REALLY important. If the folks you\u2019re trying to help aren\u2019t 100% sure exactly:<\/p>\n\n\n\n<p>What a machine does How a machine is built What it\u2019s role in the organization is You\u2019ve got some real issues.<\/p>\n\n\n\n<p><strong>This Doesn\u2019t Suck<\/strong><\/p>\n\n\n\n<p>Often, engineers look at the Hiera configuration file in a vacuum (so much for the suck joke). Not permanently but definitely independently at first. Then, as the engagement pushes on to defining Roles and Profiles for the site, you have this \u201coh crap\u201d moment, and throw back to the hierarchy and then start modifying lookup layers, but then jump forward to the profiles where the lookups are (or should be, anyhow) and realize they assumed a different hierarchy. Then, jump back to the hiera.yaml, make changes, then back to the profiles and repeat the process and then finally to the component modules, and remediate any assumptions you made on everythin gyou just changed. Uh oh. Wasted time.<\/p>\n\n\n\n<p>I\u2019ve started working through \u201call the things\u201d and have come up with a mechanism that works well for me. Hopefully you can gain some mileage from it as well.<\/p>\n\n\n\n<p><strong>First Thing\u2019s First<\/strong><\/p>\n\n\n\n<p>Some would argue you should do the Hierarchy first while others would argue you do the Profiles first. However, I\u2019ve found that parsing out all the business logic with the team gains a remarkable amount of runway for you to start. Why?<\/p>\n\n\n\n<p>Systems engineers are techno-nerd types. The nuts &amp; bolts, configs and the like are their prime concern and more often than not, they view the site atomically. They can tell you with great detail precisely what each and every machine has installed on it (often\u2026not always), but generally know what the IT ROLE of a node or collection of nodes is for. Further, they can tell you who requested it, what kind of storage may be connected, what business group out there it satisfies the needs of, but with a startling amount of frequency, cannot tell you the BUSINES ROLE of the node.<\/p>\n\n\n\n<p>Q: What is it?<br>A: A web server.<br>Q: What\u2019s it\u2019s purpose?<br>A: To serve web documents, duh!<br>Q: No, no\u2026 what\u2019s it\u2019s business purpose?<br>A: To make money?<br>Q: No, no\u2026 If you were to give it one overarching purpose, one reason for existing, what would it be?<br>A: Oh\u2026 ummm\u2026 I never thought of that before.<\/p>\n\n\n\n<p>You\u2019d be surprised just how often you arrive there with pretty much everyone.<\/p>\n\n\n\n<p>As a result, if you wait until mid-engagement to reach this point, (or at least the middle of the writing phase), you\u2019ve got a fair amount of backtracking, and even refactoring to do before you regain some sense of normalcy and can push forward.<\/p>\n\n\n\n<p><strong>Most Specific to Least<\/strong><\/p>\n\n\n\n<p>As has been said many times and in many ways, your MOST specific designation should always come first. For instance, what is the MOST atomic level of abstraction? Well, the node itself, of course, so the %{clientcert} designator suffices for that.<\/p>\n\n\n\n<p>Well, what\u2019s next? That depends on you. You might have a location to think of (is this data center on the east or west coast, US or Asia). That\u2019s highly broad\u2026 maybe not. It might be environment (such as DEV, TEST, PROD). Again, this is custom to you, and that might still be overly broad and you need to find a happy place between clientcert and environment. Only you can tell me that when I\u2019m standing in front of you, so I generally refrain until I can get the layout of your site.<\/p>\n\n\n\n<p>For instance, one customer had clientcert, then location, then environment. That way, items unique to the data center the nodes were in would get handled first, and then things that were environment unique (regardless of location \u2013 more broad) could get handled next. See? Custom to them and the way they do business or are arranged technologically.<\/p>\n\n\n\n<p>I \u201cborrowed\u201d the name for this post from Bill Engvall to illustrate a point, that if you just run off to development with no prior knowledge of the things Hiera works with, you will encounter the pain of refactoring at what is most likely the component module level and then the profile level as well. If you\u2019ve ever had to do it, and then do it on a time crunch, truly you have felt the pain.<\/p>\n\n\n\n<p>Avoid it. Think before you act.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Pain Point One would think after reading Gary Larizza\u2019s blog that I wouldve come away with the idea that Hiera presents a few issues as it solves a ton\u2026 but no. I had to go and think it was easy, fly off half-cocked and try and tackle a big issue or two, unprepared mind [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[3],"tags":[],"class_list":["post-235","post","type-post","status-publish","format-standard","hentry","category-puppet-news"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/questy.org\/index.php\/wp-json\/wp\/v2\/posts\/235","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/questy.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/questy.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/questy.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/questy.org\/index.php\/wp-json\/wp\/v2\/comments?post=235"}],"version-history":[{"count":1,"href":"https:\/\/questy.org\/index.php\/wp-json\/wp\/v2\/posts\/235\/revisions"}],"predecessor-version":[{"id":236,"href":"https:\/\/questy.org\/index.php\/wp-json\/wp\/v2\/posts\/235\/revisions\/236"}],"wp:attachment":[{"href":"https:\/\/questy.org\/index.php\/wp-json\/wp\/v2\/media?parent=235"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/questy.org\/index.php\/wp-json\/wp\/v2\/categories?post=235"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/questy.org\/index.php\/wp-json\/wp\/v2\/tags?post=235"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}