YAML Manifests
A manifest is a YAML file that combines data, platform-specific configuration and resources all in one file.
There is no logic - other than what expressions can do, consider it to be no more complex than basic example multi-resource shell scripts.
The YAML file resolves the manifest using Choria Hierarchical Data Resolver, our single-file implementation of Hiera.
Full Example
Input Data
First, we define input data, think of this like the properties a module accepts:
Resources
We will manage the Apache Server package here:
Configure Hierarchy
We need to be able to configure the package name on a number of dimensions - like OS Platform - so we’ll create a Hierarchy here:
Here we will look for overrides in os:rhel, os:debian etc
Overrides
Finally, we configure a package name for Debian:
Applying the manifest
Let’s apply the manifest, this is how it should look now:
We can apply this manifest like so, we can see first run makes a change 2nd run is stable:
One can also see the fully resolved manifest and data without applying it:
Overriding Data
It might be useful to override/augmenting the data in a manifest with another Hiera file, or KV bucket.
To do this pass --hiera kv://CCM/common to the ccm apply command.
Setting Defaults
Writing manifests with many similar resources can become tedious, we support setting defaults in the manifest itself:
Here we create two files with the same owner and group but different contents and a different mode on one of the files. The motd file is unaffected by the defaults earlier as it’s a new scope.
Templating
Manifests and resources support templates like {{ lookup("key") }}, but these cannot be use to generate new resources, they are purely to adjust specific values in valid YAML files.
Many times though one needs to create resources from data, for example you might have Hiera data that sets packages:
And want to set different packages for different nodes based on the Hierarchy, for this we can use Jet Templates
First, we set the path to the template holding resources instead ot the resources themselves:
Note
The template should be in the same directory as the manifest
The data available in this template will be post Hierarchy evaluation so you will have access to the full Hierarchy resolved data, additionally you can also access Facts and Environ.
Controlling failure handling
By default, if any resource fails, the apply will continue to the next resource, and at the moment we do not have any concept that let one resource require another.
This behavior can be controlled by using the fail_on_error flag which will terminate the manifest apply as soon as a resource fails.
When running we can see the second is never invoked:
Checking what would be done (Noop mode)
One can ask the system to operate in Noop mode, meaning it will attempt to detect what would happen without actually doing it.
This is achieved by using the --noop flag.
Note
Noop mode is not perfect, if a change in a resource affects a future resource, it cannot always be detected.
Manifests in NATS Object Store
Like Hierarchical Data data can be accessed via NATS Server to avoid needing all the manifests and hiera files locally.
NATS is a lightweight messaging system that is straightforward to run and host; it supports being used as a Key-Value store.
We can’t cover NATS here in detail here, but manifest and dependant files can be stored in NATS Object Stores and used in the ccm apply command.
Let’s add a context called ccm for our needs:
We create a Object Store stored replicated in a cluster and store the hierarchy from hiera.yaml in a Key called data:
Let’s create a manifest that copies a file onto the node:
You can see here we read the file motd and copy it to /etc/motd on the node.
Let’s create a tar file and place it in the Object Store:
We can now apply the manifest: