From 7e5eed0bf4cb100ade3c94ef6a8e0352e3474573 Mon Sep 17 00:00:00 2001 From: Tim Meusel Date: Mon, 19 Aug 2024 21:47:29 +0200 Subject: [PATCH] (#469) Assign correct environment to node groups This checks if a user configured a environment in pe.conf. If that's the case, it will be used for the PEADM-specific node groups. Otherwise we fall back to production. This fixes a timing issue discovered in #469. In situations where the PE infra isn't running in production, we cannot assume that a production environment exists. And a node group can only reference classes from the environment the node group belongs to. --- REFERENCE.md | 33 +++++++++++++++++++++++++ functions/get_node_group_environment.pp | 31 +++++++++++++++++++++++ manifests/setup/node_manager.pp | 3 +++ plans/convert.pp | 6 +++++ spec/plans/convert_spec.rb | 3 ++- 5 files changed, 75 insertions(+), 1 deletion(-) create mode 100644 functions/get_node_group_environment.pp diff --git a/REFERENCE.md b/REFERENCE.md index ca10ff34e..fec7e5aab 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -29,6 +29,7 @@ * [`peadm::file_or_content`](#peadm--file_or_content) * [`peadm::flatten_compact`](#peadm--flatten_compact) * [`peadm::generate_pe_conf`](#peadm--generate_pe_conf): Generate a pe.conf file in JSON format +* [`peadm::get_node_group_environment`](#peadm--get_node_group_environment): check if a custom PE environment is set in pe.conf * [`peadm::get_pe_conf`](#peadm--get_pe_conf) * [`peadm::get_targets`](#peadm--get_targets): Accept undef or a SingleTargetSpec, and return an Array[Target, 1, 0]. This differs from get_target() in that: - It returns an Array[Target * [`peadm::migration_opts_default`](#peadm--migration_opts_default) @@ -715,6 +716,24 @@ Data type: `Hash` A hash of settings to set in the config file. Any keys that are set to undef will not be included in the config file. +### `peadm::get_node_group_environment` + +Type: Puppet Language + +check if a custom PE environment is set in pe.conf + +#### `peadm::get_node_group_environment(Target $primary)` + +The peadm::get_node_group_environment function. + +Returns: `Any` + +##### `primary` + +Data type: `Target` + +the FQDN for the primary, here we will read the pe.conf from + ### `peadm::get_pe_conf` Type: Puppet Language @@ -1692,6 +1711,7 @@ management using PEAdm. The following parameters are available in the `peadm::convert` plan: +* [`node_group_environment`](#-peadm--convert--node_group_environment) * [`primary_host`](#-peadm--convert--primary_host) * [`replica_host`](#-peadm--convert--replica_host) * [`compiler_hosts`](#-peadm--convert--compiler_hosts) @@ -1702,6 +1722,11 @@ The following parameters are available in the `peadm::convert` plan: * [`internal_compiler_b_pool_address`](#-peadm--convert--internal_compiler_b_pool_address) * [`dns_alt_names`](#-peadm--convert--dns_alt_names) * [`begin_at_step`](#-peadm--convert--begin_at_step) +* [`environment_node_group`](#-peadm--convert--environment_node_group) + +##### `node_group_environment` + +environment for the PEADM specific node groups, if not set it will be gathered from pe.conf or production ##### `primary_host` @@ -1789,6 +1814,14 @@ Optional[Enum[ Default value: `undef` +##### `environment_node_group` + +Data type: `Optional[String[1]]` + + + +Default value: `peadm::get_node_group_environment($primary_host)` + ### `peadm::install` Install a new PE cluster diff --git a/functions/get_node_group_environment.pp b/functions/get_node_group_environment.pp new file mode 100644 index 000000000..daa2a8dd5 --- /dev/null +++ b/functions/get_node_group_environment.pp @@ -0,0 +1,31 @@ +# +# @summary check if a custom PE environment is set in pe.conf +# +# @param primary the FQDN for the primary, here we will read the pe.conf from +# +# @see https://www.puppet.com/docs/pe/latest/upgrade_pe#update_environment +# +# @author Tim Meusel +# +function peadm::get_node_group_environment(Target $primary) { + $peconf = peadm::get_pe_conf($primary) + # if both are set, they need to be set to the same value + # if they are not set, we assume that the user runs their infra in production + $pe_install = $peconf['pe_install::install::classification::pe_node_group_environment'] + $puppet_enterprise = $peconf['puppet_enterprise::master::recover_configuration::pe_environment'] + + # check if both are equal + # This also evaluates to true if both are undef + if $pe_install == $puppet_enterprise { + # check if the option isn't undef + # ToDo: A proper regex for allowed characters in an environment would be nice + # https://github.com/puppetlabs/puppet-docs/issues/1158 + if $pe_install =~ String[1] { + return $pe_install + } else { + return 'production' + } + } else { + fail("pe_install::install::classification::pe_node_group_environment and puppet_enterprise::master::recover_configuration::pe_environment need to be set to the same value, not '${pe_install}' and ${puppet_enterprise}") + } +} diff --git a/manifests/setup/node_manager.pp b/manifests/setup/node_manager.pp index 65c690440..d2fcdbe44 100644 --- a/manifests/setup/node_manager.pp +++ b/manifests/setup/node_manager.pp @@ -23,6 +23,7 @@ # A load balancer address directing traffic to any of the "B" pool # compilers. This is used for DR configuration in large and extra large # architectures. +# @param node_group_environment the environment that will be assigned to all the PE Infra node groups # class peadm::setup::node_manager ( String[1] $primary_host, @@ -36,6 +37,7 @@ Optional[String[1]] $compiler_pool_address = undef, Optional[String[1]] $internal_compiler_a_pool_address = $server_a_host, Optional[String[1]] $internal_compiler_b_pool_address = $server_b_host, + String[1] $node_group_environment = 'production', ) { # "Not-configured" placeholder string. This will be used in places where we # cannot set an explicit null, and need to supply some kind of value. @@ -46,6 +48,7 @@ # else. Node_group { purge_behavior => none, + environment => $node_group_environment, } ################################################## diff --git a/plans/convert.pp b/plans/convert.pp index 1995a0b01..9493317c2 100644 --- a/plans/convert.pp +++ b/plans/convert.pp @@ -3,6 +3,9 @@ # This plan sets required certificate extensions on PE nodes, and configures # the required PE node groups to make an existing cluster compatible with # management using PEAdm. +# +# @param node_group_environment environment for the PEADM specific node groups, if not set it will be gathered from pe.conf or production +# plan peadm::convert ( # Standard Peadm::SingleTargetSpec $primary_host, @@ -26,6 +29,8 @@ 'modify-infra-certs', 'convert-node-groups', 'finalize']] $begin_at_step = undef, + + Optional[String[1]] $environment_node_group = peadm::get_node_group_environment($primary_host), ) { peadm::assert_supported_bolt_version() @@ -223,6 +228,7 @@ compiler_pool_address => $compiler_pool_address, internal_compiler_a_pool_address => $internal_compiler_a_pool_address, internal_compiler_b_pool_address => $internal_compiler_b_pool_address, + node_group_environment => $node_group_environment, require => Class['peadm::setup::node_manager_yaml'], } diff --git a/spec/plans/convert_spec.rb b/spec/plans/convert_spec.rb index 7140d5982..23c8572f9 100644 --- a/spec/plans/convert_spec.rb +++ b/spec/plans/convert_spec.rb @@ -19,7 +19,8 @@ allow_apply expect_task('peadm::cert_data').return_for_targets('primary' => trustedjson) - expect_task('peadm::read_file').always_return({ 'content' => '2021.7.8' }) + expect_task('peadm::read_file').with_params('path' => '/opt/puppetlabs/server/pe_build').always_return({ 'content' => '2021.7.8' }) + expect_task('peadm::read_file').with_params('path' => '/etc/puppetlabs/enterprise/conf.d/pe.conf').always_return({ 'content' => {} }) # For some reason, expect_plan() was not working?? allow_plan('peadm::modify_certificate').always_return({})