MT#17213 Switch GRML disaster recovery to new puppet-agent

Previously we were installing old puppet from jessie and then upgraded to new puppet-agent on puppet.mgm role only. So, it is a time to start installing puppet-agent by default as a first step to switch all our server to puppet-agent which will allows us to shutdown mcollective.mgm host as Puppet 4 has integrated mcollective already. There is no point to have support for squeezy here, as puppetlabs-squeezy doesn't exist, so puppet-agent cannot be installed. Change-Id: I6fe26da35a883a498d1c13014ff210d5744231fc
9 years ago · b1d8d52599
parent 87c714ac26
commit b1d8d52599
1 changed files with 51 additions and 63 deletions
--- a/deployment.sh
+++ b/deployment.sh
@ -1259,7 +1259,7 @@ if [ -n "$PUPPET" ] ; then
  cat >> /etc/debootstrap/packages << EOF
 # for interal use at sipwise
 openssh-server
-puppet
+puppet-agent
 EOF
 fi

@ -1288,6 +1288,12 @@ deb ${SEC_MIRROR} ${DEBIAN_RELEASE}-security main contrib non-free
 deb ${MIRROR} ${DEBIAN_RELEASE}-updates main contrib non-free
 EOF

+if [ -n "$PUPPET" ] ; then
+  cat >> /etc/debootstrap/etc/apt/sources.list << EOF
+deb ${SIPWISE_REPO_TRANSPORT}://${DEBIAN_REPO_HOST}/puppetlabs-${DEBIAN_RELEASE}/ ${DEBIAN_RELEASE} main PC1 dependencies
+EOF
+fi
+
 # GRUB versions until Debian/wheezy generate an invalid device.map
 # entry if /dev/disk/by-id/lvm-pv-uuid-* is present, resulting in
 # a GRUB installation failing with "error: no such disk" during boot.
@ -2132,11 +2138,21 @@ puppet_install_from_git () {
    die "ERROR: Cannot clone git repository, see the error above, cannot continue!"
  fi

-  echo "Deploying Puppet config from Git repository to ${TARGET}/etc/puppet/"
-  cp -a "${PUPPET_LOCAL_GIT}/manifests" "${TARGET}/etc/puppet/"
-  cp -a "${PUPPET_LOCAL_GIT}/modules" "${TARGET}/etc/puppet/"
+  local PUPPET_CODE_PATH
+  PUPPET_CODE_PATH="/tmp/puppet/"
+
+  echo "Deploying Puppet config from Git repository to ${TARGET}/${PUPPET_CODE_PATH}"
+  mkdir -m 0755 -p "${TARGET}/${PUPPET_CODE_PATH}"
+  cp -a "${PUPPET_LOCAL_GIT}/manifests" "${TARGET}/${PUPPET_CODE_PATH}"
+  cp -a "${PUPPET_LOCAL_GIT}/modules" "${TARGET}/${PUPPET_CODE_PATH}"
  rm -rf "${PUPPET_LOCAL_GIT}"

+  local PUPPET_TMP_ENV
+  PUPPET_TMP_ENV="${TARGET}/etc/puppetlabs/code/environments/${PUPPET}"
+
+  echo "Creating empty Puppet environment '${PUPPET_TMP_ENV}'"
+  mkdir -m 0755 -p "${PUPPET_TMP_ENV}"
+
  case "${PUPPET_RESCUE_DRIVE}" in
    auto)
      echo "Searching for Hiera rescue device by label '${PUPPET_RESCUE_LABEL}'..."
@ -2156,8 +2172,8 @@ puppet_install_from_git () {
      echo "Copying data from device '${PUPPET_RESCUE_DRIVE}' (mounted into '${PUPPET_RESCUE_PATH}', type '${device_type}')"
      mkdir -p "${PUPPET_RESCUE_PATH}"
      mount -t "${device_type}" -o ro "${PUPPET_RESCUE_DRIVE}" "${PUPPET_RESCUE_PATH}"
-      mkdir -m 0700 -p "${TARGET}/etc/puppet/hieradata/"
-      cp -a "${PUPPET_RESCUE_PATH}"/hieradata/* "${TARGET}/etc/puppet/hieradata/"
+      mkdir -m 0700 -p "${TARGET}/etc/puppetlabs/code/hieradata/"
+      cp -a "${PUPPET_RESCUE_PATH}"/hieradata/* "${TARGET}/etc/puppetlabs/code/hieradata/"
      umount -f "${PUPPET_RESCUE_PATH}"
      rmdir "${PUPPET_RESCUE_PATH}"
      ;;
@ -2169,50 +2185,30 @@ puppet_install_from_git () {
      ;;
  esac

-  case "${DEBIAN_RELEASE}" in
-    jessie|stretch)
-      echo "Supported Debian release ${DEBIAN_RELEASE} detected, continue..."
-      if "${PUPPET_INIT_HIERA}" ; then
-        echo "Initializing Hiera config..."
-        grml-chroot $TARGET puppet apply --test -e "include puppet::hiera" 2>&1 | tee -a /tmp/puppet.log
-        check_puppet_rc "${PIPESTATUS[0]}" "2"
-      fi
-      grml-chroot $TARGET puppet apply --test --tags core /etc/puppet/manifests/site.pp 2>&1 | tee -a /tmp/puppet.log
-      check_puppet_rc "${PIPESTATUS[0]}" "2"
-      if [ -f "${TARGET}/etc/profile.d/puppet-agent.sh" ] ; then
-          echo "Exporting Puppet 4 new PATH (otherwise /opt/puppetlabs/bin/puppet is not found)"
-          source "${TARGET}/etc/profile.d/puppet-agent.sh"
-      fi
-      grml-chroot $TARGET puppet apply --test /etc/puppet/manifests/site.pp 2>&1 | tee -a /tmp/puppet.log
-      check_puppet_rc "${PIPESTATUS[0]}" "2"
-      ;;
-    *)
-      die "ERROR: Unsupported Debian release ${DEBIAN_RELEASE} detected, cannot continue!"
-      ;;
-  esac
+  if "${PUPPET_INIT_HIERA}" ; then
+    echo "Initializing Hiera config..."
+    grml-chroot $TARGET puppet apply --test --modulepath="${PUPPET_CODE_PATH}/modules" \
+        -e "include puppet::hiera" 2>&1 | tee -a /tmp/puppet.log
+    check_puppet_rc "${PIPESTATUS[0]}" "2"
+  fi
+
+  grml-chroot $TARGET puppet apply --test --modulepath="${PUPPET_CODE_PATH}/modules" --tags core \
+        "${PUPPET_CODE_PATH}/manifests/site.pp" 2>&1 | tee -a /tmp/puppet.log
+  check_puppet_rc "${PIPESTATUS[0]}" "2"
+
+  grml-chroot $TARGET puppet apply --test --modulepath="${PUPPET_CODE_PATH}/modules" \
+        "${PUPPET_CODE_PATH}/manifests/site.pp" 2>&1 | tee -a /tmp/puppet.log
+  check_puppet_rc "${PIPESTATUS[0]}" "2"
+
+  rm -rf "${TARGET}/${PUPPET_CODE_PATH}"
 }

 puppet_install_from_puppet () {
-  case "${DEBIAN_RELEASE}" in
-    squeeze|wheezy)
-      echo "Supported Debian release ${DEBIAN_RELEASE} detected, continue..."
-      chroot $TARGET sed -i 's/START=.*/START=yes/' /etc/default/puppet
-      grml-chroot $TARGET puppet agent --test --waitforcert 30 2>&1 | tee -a /tmp/puppet.log
-      check_puppet_rc "${PIPESTATUS[0]}" "2"
-      ;;
-    jessie|stretch)
-      echo "Supported Debian release ${DEBIAN_RELEASE} detected, continue..."
-      grml-chroot $TARGET puppet agent --enable 2>&1 | tee -a /tmp/puppet.log
-      check_puppet_rc "${PIPESTATUS[0]}" "0"
-      grml-chroot $TARGET puppet agent --test --tags core --waitforcert 30 2>&1 | tee -a /tmp/puppet.log
-      check_puppet_rc "${PIPESTATUS[0]}" "2"
-      grml-chroot $TARGET puppet agent --test 2>&1 | tee -a /tmp/puppet.log
-      check_puppet_rc "${PIPESTATUS[0]}" "2"
-      ;;
-    *)
-      die "ERROR: Unsupported Debian release ${DEBIAN_RELEASE} detected, cannot continue!"
-      ;;
-  esac
+  grml-chroot $TARGET puppet agent --test --tags core 2>&1 | tee -a /tmp/puppet.log
+  check_puppet_rc "${PIPESTATUS[0]}" "2"
+
+  grml-chroot $TARGET puppet agent --test 2>&1 | tee -a /tmp/puppet.log
+  check_puppet_rc "${PIPESTATUS[0]}" "2"
 }

  set_deploy_status "puppet"
@ -2236,26 +2232,18 @@ EOF

  chroot $TARGET apt-get -y install resolvconf libnss-myhostname

-  cat > ${TARGET}/etc/puppet/puppet.conf << EOF
-# Deployed via deployment.sh
+  cat > ${TARGET}/etc/puppetlabs/puppet/puppet.conf<< EOF
+# This file has been created by deployment.sh
 [main]
-logdir=/var/log/puppet
-vardir=/var/lib/puppet
-ssldir=/var/lib/puppet/ssl
-rundir=/var/run/puppet
-factpath=\$vardir/lib/facter
-prerun_command=/etc/puppet/etckeeper-commit-pre
-postrun_command=/etc/puppet/etckeeper-commit-post
 server=${PUPPET_SERVER}
-
-[master]
-ssl_client_header=SSL_CLIENT_S_DN
-ssl_client_verify_header=SSL_CLIENT_VERIFY
-
-[agent]
-environment=$PUPPET
+environment=${PUPPET}
 EOF

+  if [ -f "${TARGET}/etc/profile.d/puppet-agent.sh" ] ; then
+    echo "Exporting Puppet 4 new PATH (otherwise /opt/puppetlabs/bin/puppet is not found)"
+    source "${TARGET}/etc/profile.d/puppet-agent.sh"
+  fi
+
  if [ -n "${PUPPET_GIT_REPO}" ] ; then
    echo "Installing from Puppet Git repository using 'puppet apply'"
    puppet_install_from_git