We have installed **hiera-eyaml** rubygem as the root user on the Puppet Master node to encrypt/decrypt our passwords.
*# /opt/puppetlabs/bin/puppetserver gem install hiera-eyaml --no-doc --no-ri
--verbose*
*# /opt/puppetlabs/puppet/bin/gem install hiera-eyaml --no-doc --no-ri
--verbose*
**eyaml** command seems to work fine on the commandline to encrypt/decrypt passwords and also edit the *.yaml files containing the passwords
*# /opt/puppetlabs/puppet/bin/eyaml*
Our Hiera file :
*:backends:*
*- eyaml*
*- yaml*
*:eyaml:*
*:datadir: "/etc/puppetlabs/code/environments/%{environment}/hieradata"*
*:pkcs7_private_key: /etc/puppetlabs/puppet/eyaml-keys/%{environment}/%{::zone}/private_key.pkcs7.pem*
*:pkcs7_public_key: /etc/puppetlabs/puppet/eyaml-keys/%{environment}/%{::zone}/public_key.pkcs7.pem*
*:cache_decrypted: false*
*:extension: 'yaml'*
*:yaml:*
*:datadir: "/etc/puppetlabs/code/environments/%{environment}/hieradata"*
*:hierarchy:*
*- "environments/%{::environment}/%{::zone}_secure"*
- "environments/%{::environment}/%{::zone}"
- "environments/%{::environment}/%{::environment}"
- "roles/%{::role}"
- "common"
- "versions/artifact-versions"*
Note : zone and role are our external facts
We also restarted PuppetMaster and reinstalled hiera-eyaml. We still have the same issue.
PuppetMaster is unable to decrypt the passwords during a puppet agent run for us . It produces the following error :
**[puppetserver] Puppet Evaluation Error: Error while evaluating a Function Call, Cannot load backend eyaml: no such file to load --
hiera/backend/eyaml_backend at /etc/puppetlabs/code/environments/production/manifests/site.pp:2:10 on node**
I have enclosed the below version information that we use :
Puppet Version : 4.7.0
pe-puppetserver-2016.4.0.1006
pe-puppet-enterprise-release-2016.4.2.0
puppet-agent-1.7.1
64-bit, RHEL 7.3 (Maipo)
*# /opt/puppetlabs/bin/puppetserver gem list --local | grep -E "(eyaml|trollop|highline)"
hiera-eyaml (2.1.0)*
highline (1.6.21)
trollop (2.1.2)
*# /opt/puppetlabs/puppet/bin/gem list --local | grep -E "(eyaml|trollop|highline)"*
*hiera-eyaml (2.1.0)*
*highline (1.6.21)*
*trollop (2.1.2)*
*# /opt/puppetlabs/puppet/bin/ruby --version*
ruby 2.1.9p490
*# /opt/puppetlabs/puppet/bin/gem --version*
2.2.5
↧
Hiera Eyaml Error - Cannot load backend eyaml: no such file to load -- hiera/backend/eyaml_backend
↧