Puppet Class: puppet_agent

Inherits:
puppet_agent::params
Defined in:
manifests/init.pp

Summary

Upgrades Puppet 4 and newer to the requested version.

Overview

example for clients in dmz:s that need to use proxy to reach the repo

provided by puppetserver.

Parameters:

  • arch (String) (defaults to: $facts['os']['architecture'])

    The package architecture. Defaults to the architecture fact.

  • collection (String) (defaults to: $puppet_agent::params::collection)

    The Puppet Collection to track. Defaults to ‘PC1’.

  • is_pe (Boolean) (defaults to: $puppet_agent::params::_is_pe)

    Install from Puppet Enterprise repos. Enabled if communicating with a PE master.

  • manage_pki_dir (Boolean) (defaults to: true)

    Whether or not to manage the /etc/pki directory. Defaults to true. Managing the /etc/pki directory inside the puppet_agent module can be problematic for organizations that manage gpg keys and settings in other modules.

  • manage_repo (Boolean) (defaults to: true)

    Boolean to determine whether to configure repositories This is intended to provide the ability to disable configuring a local repo in support of systems that manage external repositories (i.e. spacewalk/satellite) to enable users to add the proper packages to their internal repos and to utilize default package providers for the install

  • package_name (String) (defaults to: 'puppet-agent')

    The package to upgrade to, i.e. ‘puppet-agent`.

  • package_version (Optional) (defaults to: undef)

    The package version to upgrade to. Explicitly specify the version to upgrade to, or set to ‘auto’ to specify the version of the compiling master.

  • service_names (Array) (defaults to: $puppet_agent::params::service_names)

    An array of services to start, normally ‘puppet`. None will be started if the array is empty.

  • source (Optional) (defaults to: undef)

    **INCLUDED FOR COMPATIBILITY WITH MODULE VERSIONS 1.0/2.0. PREFER USE OF “absolute_source”, “apt_source”, “deb_source” etc. OVER USE OF “source”.**

    The location to find packages. Replaces base URL for unix/MacOS agents, used as fully qualified path in windows

  • absolute_source (Optional) (defaults to: undef)

    The exact location of the package to install. The entire path to the package must be provided with this parameter.

  • yum_source (String) (defaults to: 'http://yum.puppet.com')

    Base URL of the location of mirrors of yum.puppet.com downloads sites. Directories under the URL “yum_source” should match the structure of the yum.puppet.com

  • apt_source (String) (defaults to: 'https://apt.puppet.com')

    Base URL of the location of mirrors of apt.puppet.com downloads sites. Directories under the URL “apt_source” should match the structure of the apt.puppet.com

  • mac_source (String) (defaults to: 'https://downloads.puppet.com')

    Base URL of the location of mirrors of downloads.puppet.com downloads site that serves MacOS packages. Directories under the URL “mac_source” should match the structure of the downloads.puppet.com site

  • windows_source (String) (defaults to: 'https://downloads.puppet.com')

    Base URL of the location of mirrors of downloads.puppet.com downloads site that serves Windows packages. Directories under the URL “windows_source” should match the structure of the downloads.puppet.com site

  • solaris_source (String) (defaults to: 'puppet:///pe_packages')

    Base URL of the location of a mirror for Solaris packages. Currently, solaris packages can only be made available by using puppetlabs-pe_repo. This means the mirror must be of a PE master package serve.

  • aix_source (String) (defaults to: 'puppet:///pe_packages')

    Base URL of the location of a mirror for AIX packages. Currently, AIX packages can only be made available by using puppetlabs-pe_repo. This means the mirror must be of a PE master package serve.

  • use_alternate_sources (Boolean) (defaults to: false)

    **ONLY APPLICABLE WHEN WORKING WITH PE INSTALLTIONS** When set to true will force downloads to come from the values of $apt_source, $deb_source $mac_source etc. rather than from the default PE master package serve. Note that this will also force downloads to ignore alternate_pe_source

  • alternate_pe_source (Optional) (defaults to: undef)

    Base URL of the location where packages are located in the same structure that’s served by a PE master (the directory structure in PE for serving packages is created by the puppetlabs-pe_repo module). The general structure served by PE is: /packages/$pe_server_version/$platform_tag/$package_name

  • install_dir (Optional[Stdlib::Absolutepath]) (defaults to: undef)

    The directory the puppet agent should be installed to. This is only applicable for windows operating systems. This only applies when upgrading the agent to a new version; it will not cause re-installation of the same version to a new location.

  • install_options (Array) (defaults to: [])

    An array of additional options to pass when installing puppet-agent. Each option in the array can either be a string or a hash. Each option will automatically be quoted when passed to the install command. With Windows packages, note that file paths in an install option must use backslashes. (Since install options are passed directly to the installation command, forward slashes won’t be automatically converted like they are in ‘file` resources.) Note also that backslashes in double-quoted strings must be escaped and backslashes in single-quoted strings can be escaped.

  • msi_move_locked_files (Boolean) (defaults to: false)

    This is only applicable for Windows operating systems. There may be instances where file locks cause unncessary service restarts. By setting to true, the module will move files prior to installation that are known to cause file locks.

  • wait_for_pxp_agent_exit (Optional) (defaults to: undef)

    This parameter is only applicable for Windows operating systems and pertains to the /files/install_agent.ps1 script. This parameterizes the module to define the wait time for the PXP agent to end successfully. The default value is set 2 minutes.

  • wait_for_puppet_run (Optional) (defaults to: undef)

    This parameter is only applicable for Windows operating systems and pertains to the /files/install_agent.ps1 script. This parameterizes the module to define the wait time for the current puppet agent run to end successfully. The default value is set 2 minutes.

  • config (Array[Puppet_agent::Config]) (defaults to: [])

    An array of configuration data to enforce. Each configuration data item must be a Puppet_agent::Config hash, which has keys for puppet.conf section, setting, and value. This parameter is constrained to managing only a predetermined set of configuration settings, e.g. runinterval.

  • proxy (Optional) (defaults to: undef)

    This is to be able to configure yum-repo with proxy, needed for

  • version_file_path (String) (defaults to: $facts['os']['family'] ? { 'windows' => "${facts['env_windows_installdir']}\\VERSION", default => '/opt/puppetlabs/puppet/VERSION')

    The default install path for the VERSION file

  • skip_if_unavailable (String) (defaults to: 'absent')
  • disable_proxy (Boolean) (defaults to: false) 


105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
 
# File 'manifests/init.pp', line 105

class puppet_agent (
  String                         $arch                    = $facts['os']['architecture'],
  String                         $collection              = $puppet_agent::params::collection,
  Boolean                        $is_pe                   = $puppet_agent::params::_is_pe,
  Boolean                        $manage_pki_dir          = true,
  Boolean                        $manage_repo             = true,
  String                         $package_name            = 'puppet-agent',
  Optional                       $package_version         = undef,
  Array                          $service_names           = $puppet_agent::params::service_names,
  Optional                       $source                  = undef,
  Optional                       $absolute_source         = undef,
  String                         $yum_source              = 'http://yum.puppet.com',
  String                         $apt_source              = 'https://apt.puppet.com',
  String                         $mac_source              = 'https://downloads.puppet.com',
  String                         $windows_source          = 'https://downloads.puppet.com',
  String                         $solaris_source          = 'puppet:///pe_packages',
  String                         $aix_source              = 'puppet:///pe_packages',
  Boolean                        $use_alternate_sources   = false,
  Optional                       $alternate_pe_source     = undef,
  Optional[Stdlib::Absolutepath] $install_dir             = undef,
  Boolean                        $disable_proxy           = false,
  Optional                       $proxy                   = undef,
  Array                          $install_options         = [],
  String                         $skip_if_unavailable     = 'absent',
  Boolean                        $msi_move_locked_files   = false,
  Optional                       $wait_for_pxp_agent_exit = undef,
  Optional                       $wait_for_puppet_run     = undef,
  Array[Puppet_agent::Config]    $config                  = [],
  String                         $version_file_path       = $facts['os']['family'] ? { 'windows' => "${facts['env_windows_installdir']}\\VERSION", default => '/opt/puppetlabs/puppet/VERSION' }
) inherits puppet_agent::params {
  # The configure class uses $puppet_agent::config to manage settings in
  # puppet.conf, and will always be present. It does not require management of
  # the agent package. Dependencies for configure will be declared later if the
  # puppet_agent::prepare and puppet_agent::install are also added to the
  # catalog.
  contain('puppet_agent::configure')

  if (getvar('::aio_agent_version') == undef) {
    fail('The puppet_agent module does not support pre-Puppet 4 upgrades.')
  }

  if $package_version == 'latest' and $facts['os']['family'] =~ /^(?i:windows|solaris|aix|darwin)$/ {
    fail("Setting package_version to 'latest' is not supported on ${$facts['os']['family'].capitalize()}")
  }

  if $source != undef and $absolute_source != undef {
    fail('Only one of $source and $absolute_source can be set')
  }

  if $package_version == undef {
    info('puppet_agent performs no actions if a package_version is not specified')
  } elsif defined('$::pe_server_version') {
    info('puppet_agent performs no actions on PE infrastructure nodes to prevent a mismatch between agent and PE components')
  } else {
    # In this code-path, $package_version != undef AND we are not on a PE infrastructure
    # node since $::pe_server_version is not defined

    if $facts['os']['architecture'] == 'x86' and $arch == 'x64' {
      fail('Unable to install x64 on a x86 system')
    }

    # The AIO package version and Puppet version can, on rare occasion, diverge.
    # This logic checks for the AIO version of the server, since that's what the package manager cares about.
    if $package_version == 'auto' {
      $master_or_package_version = chomp(file($version_file_path))
    } else {
      $master_or_package_version = $package_version
    }

    if $facts['os']['family'] == 'redhat' {
      if $master_or_package_version !~ /^\d+\.\d+\.\d+.*$|^latest$|^present$/ {
        fail("invalid version ${master_or_package_version} requested")
      }
    } else {
      if $master_or_package_version !~ /^\d+\.\d+\.\d+([.-]?\d*|\.\d+\.g[0-9a-f]+)$|^latest$|^present$/ {
        fail("invalid version ${master_or_package_version} requested")
      }
    }

    # Strip git sha from dev builds
    if $master_or_package_version =~ /.g/ {
      $_expected_package_version = split($master_or_package_version, /[.-]g.*/)[0]
    } elsif $facts['os']['family'] == 'redhat' {
      $_expected_package_version = $master_or_package_version.match(/^\d+\.\d+\.\d+|^latest$|^present$/)[0]
    } else {
      $_expected_package_version = $master_or_package_version
    }

    if $_expected_package_version == 'latest' {
      $aio_upgrade_required = true
      $aio_downgrade_required = false
    } elsif $_expected_package_version == 'present' {
      $aio_upgrade_required = false
      $aio_downgrade_required = false
    } else {
      $aio_upgrade_required = versioncmp($facts['aio_agent_version'], $_expected_package_version) < 0
      $aio_downgrade_required = versioncmp($facts['aio_agent_version'], $_expected_package_version) > 0
    }

    if $aio_upgrade_required {
      if any_resources_of_type('filebucket', { path => false }) {
        if $settings::digest_algorithm != $facts['puppet_digest_algorithm'] {
          fail("Remote filebuckets are enabled, but there was a agent/server digest algorithm mismatch. Server: ${settings::digest_algorithm}, agent: ${facts['puppet_digest_algorithm']}. Either ensure the algorithms are matching, or disable remote filebuckets during the upgrade.")
        }
      }
    }

    if $facts['os']['name'] == 'Solaris' and $facts['os']['release']['major'] == '11' {
      # Strip letters from development builds. Unique to Solaris 11 packaging.
      $_version_without_letters = regsubst($master_or_package_version, '[a-zA-Z]', '', 'G')
      $_version_without_orphan_dashes = regsubst($_version_without_letters, '(^-|-$)', '', 'G')
      $_package_version = regsubst($_version_without_orphan_dashes, '\b(?:0*?)([1-9]\d*|0)\b', '\1', 'G')
    } else {
      $_package_version = $master_or_package_version
    }

    class { 'puppet_agent::prepare':
      package_version => $_package_version,
    }
    class { 'puppet_agent::install':
      package_version => $_package_version,
      install_dir     => $install_dir,
      install_options => $install_options,
    }

    contain('puppet_agent::prepare')
    -> contain('puppet_agent::install')
    -> Class['puppet_agent::configure']

    # Service management:
    # - Under Puppet Enterprise, the agent nodegroup is managed by PE, and we don't need to manage services here.
    # - On Windows, services are handled by the puppet-agent MSI packages themselves.
    # ...but outside of PE, on other platforms, we must make sure the services are restarted. We do that with the
    # ::puppet_agent::service class. Make sure it's applied after the install process finishes if needed:
    if $facts['os']['family'] != 'windows' and (!$is_pe or versioncmp($facts['clientversion'], '4.0.0') < 0) {
      Class['puppet_agent::configure']
      ~> contain('puppet_agent::service')
    }
  }
}