Puppetserver update:

  Update all modules to the latest version.
  Replace stephenrjohnson/puppet with jlambert121/puppet.
    Hiera setup injected into globals.yaml and puppet_role/puppet.yaml.
  Modify the sample network to 10.0.1.0/24.
  Bootstrap script:
    Re-ordered the download to prevent version conflicts.
    Update module versions and downloads
    Migrate from 'service' to 'systemctl' (systemd) for services controls.
  Work around two bugs in hiera interpolation in hiera.pp.
  Remove puppetdb from master bootstrap.
  Refactor puppet_master profile.
  Update webhook and padmin hiera data.

Author: rnelson0

.travis.yml

@@ -11,25 +11,7 @@ notifications:
   email: false
 rvm:
   - 1.9.3
-  - 2.0.0
   - 2.1.0
 env:
-  - PUPPET_GEM_VERSION="~> 3.3.0"
-  - PUPPET_GEM_VERSION="~> 3.4.0"
-  - PUPPET_GEM_VERSION="~> 3.5.0" STRICT_VARIABLES=yes
-  - PUPPET_GEM_VERSION="~> 3.6.0" STRICT_VARIABLES=yes
-  - PUPPET_GEM_VERSION="~> 3.7.0" STRICT_VARIABLES=yes
-  - PUPPET_GEM_VERSION="~> 3.7.0" STRICT_VARIABLES=yes FUTURE_PARSER=yes
-  - PUPPET_GEM_VERSION="~> 4.0.0" STRICT_VARIABLES=yes
-matrix:
-  exclude:
-  # Ruby 2.1.0
-  - rvm: 2.1.0
-    env: PUPPET_GEM_VERSION="~> 3.2.0"
-  - rvm: 2.1.0
-    env: PUPPET_GEM_VERSION="~> 3.3.0"
-  - rvm: 2.1.0
-    env: PUPPET_GEM_VERSION="~> 3.4.0"
-  allow_failures:
-    - env: PUPPET_GEM_VERSION="~> 4.0.0" STRICT_VARIABLES=yes
-    - env: PUPPET_GEM_VERSION="~> 3.7.0" STRICT_VARIABLES=yes FUTURE_PARSER=yes
+  - PUPPET_GEM_VERSION="~> 3.0" STRICT_VARIABLES=yes FUTURE_PARSER=yes
+  - PUPPET_GEM_VERSION="~> 4.0" STRICT_VARIABLES=yes

Gemfile

@@ -2,9 +2,9 @@ source "https://rubygems.org"
 
 group :test do
   gem "rake"
-  gem "puppet", ENV['PUPPET_GEM_VERSION'] || '~> 3.8.0'
+  gem "puppet", ENV['PUPPET_GEM_VERSION'] || '~> 4.0'
   gem "rspec", '< 3.2.0'
-  gem "rspec-puppet", :git => 'https://github.com/rodjek/rspec-puppet.git'
+  gem "rspec-puppet"
   gem "puppetlabs_spec_helper"
   gem "metadata-json-lint"
   gem "rspec-puppet-facts"

Puppetfile

@@ -1,48 +1,51 @@
 forge 'http://forge.puppetlabs.com'
 
-# Modules from the Puppet Forge
-mod 'ajjahn/dhcp', '0.2.0'
+# Modules discovered by generate-puppetfile
+mod 'ajjahn/dhcp', '1.0.0'
 mod 'croddy/make', '0.0.5'
 mod 'garethr/erlang', '0.3.0'
-mod 'gentoo/portage', '2.2.0'
-mod 'maestrodev/rvm', '1.6.6'
-mod 'nanliu/staging', '1.0.2'
-mod 'palli/createrepo', '0.9.5'
-mod 'puppetlabs/activemq', '0.2.0'
-mod 'puppetlabs/apache', '1.2.0'
-mod 'puppetlabs/apt', '1.5.0'
-mod 'puppetlabs/concat', '1.1.2'
-mod 'puppetlabs/firewall', '1.1.2'
-mod 'puppetlabs/gcc', '0.1.0'
-mod 'puppetlabs/git', '0.1.0'
-mod 'puppetlabs/inifile', '1.1.0'
-mod 'puppetlabs/java', '1.1.1'
-mod 'puppetlabs/java_ks', '1.2.4'
-mod 'puppetlabs/lvm', '0.4.0'
-mod 'puppetlabs/mcollective', '1.1.5'
-mod 'puppetlabs/mysql', '3.1.0'
-mod 'puppetlabs/ntp', '3.1.1'
-mod 'puppetlabs/pe_gem', '0.0.1'
-mod 'puppetlabs/postgresql', '3.3.3'
-mod 'puppetlabs/puppetdb', '3.0.1'
-mod 'puppetlabs/rabbitmq', '4.0.0'
+mod 'gentoo/portage', '2.3.0'
+mod 'golja/gnupg', '1.2.3'
+mod 'hunner/hiera', '2.0.1'
+mod 'jlambert121/puppet', '0.7.0'
+mod 'maestrodev/rvm', '1.12.1'
+mod 'nanliu/staging', '1.0.3'
+mod 'palli/createrepo', '1.1.0'
+mod 'puppetlabs/activemq', '0.4.0'
+mod 'puppetlabs/apache', '1.8.0'
+mod 'puppetlabs/apt', '2.2.1'
+mod 'puppetlabs/concat', '1.2.5'
+mod 'puppetlabs/firewall', '1.7.2'
+mod 'puppetlabs/gcc', '0.3.0'
+mod 'puppetlabs/git', '0.4.0'
+mod 'puppetlabs/inifile', '1.4.3'
+mod 'puppetlabs/java', '1.4.3'
+mod 'puppetlabs/java_ks', '1.4.0'
+mod 'puppetlabs/lvm', '0.7.0'
+mod 'puppetlabs/mcollective', '99.99.99'
+mod 'puppetlabs/mysql', '3.6.2'
+mod 'puppetlabs/ntp', '4.1.2'
+mod 'puppetlabs/pe_gem', '0.2.0'
+mod 'puppetlabs/postgresql', '4.7.0'
+mod 'puppetlabs/puppetdb', '5.0.0'
+mod 'puppetlabs/rabbitmq', '5.3.1'
 mod 'puppetlabs/ruby', '0.4.0'
-mod 'puppetlabs/stdlib', '4.5.0'
+mod 'puppetlabs/stdlib', '4.11.0'
 mod 'puppetlabs/tftp', '0.2.3'
-mod 'puppetlabs/vcsrepo', '1.0.1'
-mod 'puppetlabs/xinetd', '1.4.0'
-mod 'richardc/datacat', '0.4.3'
-mod 'rnelson0/certs', '0.6.1'
-mod 'rnelson0/local_user', '0.9.3'
-mod 'saz/ssh', '2.4.0'
-mod 'saz/sudo', '3.0.6'
-mod 'stahnma/epel', '0.1.0'
-mod 'stephenrjohnson/puppet', '0.0.23'
-mod 'thias/bind', '0.5.1'
+mod 'puppetlabs/vcsrepo', '1.3.2'
+mod 'puppetlabs/xinetd', '1.5.0'
+mod 'richardc/datacat', '0.5.0'
+mod 'rnelson0/certs', '0.7.0'
+mod 'rnelson0/local_user', '1.0.7'
+mod 'saz/ssh', '2.8.1'
+mod 'saz/sudo', '3.1.0'
+mod 'stahnma/epel', '1.2.2'
+mod 'thias/bind', '0.5.2'
 mod 'yguenane/augeas', '0.1.1'
 mod 'yguenane/ygrpms', '0.1.0'
-mod 'zack/r10k', '2.8.0'
-
+mod 'zack/r10k', '3.2.0'
+# Discovered elements from existing Puppetfile
 # Modules from Github
 mod 'lab_config',
-  :git => '[email protected]:puppetinabox/lab_config.git'
+  :git => '[email protected]:puppetinabox/lab_config.git',
+  :branch => 'puppetserver'

bootstrap.sh

@@ -2,10 +2,10 @@
 
 # Add bootstrap modules
 mkdir -p /root/bootstrap/modules
-puppet module install --modulepath=/root/bootstrap/modules zack/r10k --version 2.5.4
-puppet module install --modulepath=/root/bootstrap/modules stahnma/epel --version 1.0.2
-puppet module install --modulepath=/root/bootstrap/modules stephenrjohnson/puppet --version 1.3.1
-puppet module install --modulepath=/root/bootstrap/modules hunner/hiera --version 1.1.1
+puppet module install --modulepath=/root/bootstrap/modules jlambert121/puppet --version 0.7.0
+puppet module install --modulepath=/root/bootstrap/modules zack/r10k --version 3.2.0
+puppet module install --modulepath=/root/bootstrap/modules stahnma/epel --version 1.2.2
+puppet module install --modulepath=/root/bootstrap/modules hunner/hiera --version 1.4.1
 
 # Configure the master, hiera, and r10k services
 puppet apply --modulepath=/root/bootstrap/modules master.pp && \
@@ -14,12 +14,15 @@ puppet apply --modulepath=/root/bootstrap/modules r10k_installation.pp && \
 # If everything went well, deploy using r10k
 r10k deploy environment -p
 
+
 # If everything is successful, run puppet, otherwise alert
 if [ $? -eq 0 ]
 then
+  # Ensure changes to hiera and the master configuration are in place before continuing
+  systemctl restart puppetserver
   puppet agent -t
-  chkconfig puppet on
-  service puppet start
+  systemctl enable puppet
+  systemctl start puppet
 else
   echo "Some part of the bootstrap process failed. Investigate the errors and proceed with manual bootstrapping."
   echo ""

dist/profile/.fixtures.yml

@@ -5,9 +5,7 @@ fixtures:
     apache: 'git://github.com/puppetlabs/puppetlabs-apache'
     bind: 'git://github.com/thias/puppet-bind'
     certs: 'git://github.com/rnelson0/puppet-certs'
-    concat:
-      repo: 'git://github.com/puppetlabs/puppetlabs-concat'
-      ref: '1.2.0'
+    concat: 'git://github.com/puppetlabs/puppetlabs-concat'
     createrepo: 'git://github.com/pall-valmundsson/puppet-createrepo'
     dhcp: 'git://github.com/ajjahn/puppet-dhcp'
     epel: 'git://github.com/stahnma/puppet-module-epel'
@@ -19,7 +17,7 @@ fixtures:
     mysql: 'git://github.com/puppetlabs/puppetlabs-mysql'
     ntp: 'git://github.com/puppetlabs/puppetlabs-ntp'
     postgresql: 'git://github.com/puppetlabs/puppetlabs-postgresql'
-    puppet: 'git://github.com/stephenrjohnson/puppetmodule'
+    puppet:  https://github.com/jlambert121/jlambert121-puppet
     puppetdb: 'git://github.com/puppetlabs/puppetlabs-puppetdb'
     r10k: 'git://github.com/acidprime/r10k'
     ruby: 'git://github.com/puppetlabs/puppetlabs-ruby'

dist/profile/manifests/puppet_master.pp

@@ -11,23 +11,16 @@
 # Copyright 2015 Rob Nelson
 #
 class profile::puppet_master {
-  package { 'mcollective-common':
-    ensure => present,
-  }
   include ::epel
-  include ::puppet::master
+  include ::puppet
 
   include ::r10k
   include ::r10k::webhook::config
   include ::r10k::webhook
-  Package['mcollective-common'] -> Class['r10k::webhook']
   Class['r10k::webhook::config'] -> Class['r10k::webhook']
+  Package['puppetdb'] -> Service[webhook]
 
-  firewall { '100 allow agent checkins':
-    dport  => 8140,
-    proto  => tcp,
-    action => accept,
-  }
+  # evenup/puppet includes a firewall rule for the puppetserver service
   firewall { '110 zack-r10k web hook':
     dport  => 8088,
     proto  => tcp,

dist/profile/spec/classes/base_spec.rb

@@ -2,14 +2,17 @@
 describe 'profile::base', :type => :class do
   let :facts do
     {
-      :id                     => 'root',
-      :kernel                 => 'Linux',
-      :osfamily               => 'RedHat',
-      :operatingsystem        => 'RedHat',
-      :operatingsystemrelease => '6',
-      :concat_basedir         => '/dne',
-      :path                   => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
-  }
+      :id => 'root',
+      :kernel => 'Linux',
+      :osfamily => 'RedHat',
+      :operatingsystem => 'RedHat',
+      :operatingsystemrelease => '7.2',
+      :operatingsystemmajrelease => '7',
+      :concat_basedir => '/dne',
+      :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
+      :puppetversion => '4.3.1',
+      :sudoversion => '1.8.6p7',
+    }
   end
 
   context 'with defaults for all parameters' do

dist/profile/spec/classes/dhcp_spec.rb

@@ -16,7 +16,7 @@
   context 'with defaults for all parameters' do
     it { is_expected.to create_class('profile::dhcp') }
     it { is_expected.to contain_package('dhcp') }
-    it { is_expected.to contain_dhcp__server__subnet('10.0.0.0') }
+    it { is_expected.to contain_dhcp__server__subnet('10.0.1.0') }
     it { is_expected.to contain_dhcp__server__host('sample') }
   end
 end

dist/profile/spec/classes/mysql/mysql_client_spec.rb

@@ -1,10 +1,12 @@
 require 'spec_helper'
 describe 'profile::mysql::client', :type => :class do
-  let :facts do {
-    :osfamily               => 'RedHat',
-    :operatingsystem        => 'RedHat',
-    :operatingsystemrelease => '6',
-  }
+  let :facts do 
+    {
+      :osfamily => 'RedHat',
+      :operatingsystem => 'RedHat',
+      :operatingsystemrelease => '7.2',
+      :operatingsystemmajrelease => '7',
+    }
   end
 
   context 'with defaults for all parameters' do

dist/profile/spec/classes/mysql/mysql_server_spec.rb

@@ -2,11 +2,13 @@
 describe 'profile::mysql::server', :type => :class do
   let :facts do
     {
-      :clientcert             => 'mysql',
-      :osfamily               => 'RedHat',
-      :operatingsystem        => 'RedHat',
-      :operatingsystemrelease => '6',
-  }
+      :clientcert => 'mysql',
+      :osfamily => 'RedHat',
+      :operatingsystem => 'RedHat',
+      :operatingsystemrelease => '7.2',
+      :operatingsystemmajrelease => '7',
+      :puppetversion => '4.3.1',
+    }
   end
 
   context 'with defaults for all parameters' do

dist/profile/spec/classes/puppet_master.rb

@@ -1,21 +1,41 @@
 require 'spec_helper'
 describe 'profile::puppet_master', :type => :class do
-  let :facts do
+  let (:facts) do
     {
-      :osfamily               => 'RedHat',
-      :operatingsystemrelease => '6.5',
-      :concat_basedir         => '/dne/',
+      :kernel => 'Linux',
+      :osfamily => 'RedHat',
+      :operatingsystem => 'RedHat',
+      :operatingsystemmajrelease => '7',
+      :operatingsystemrelease => '7.2',
+      :processors => {
+        "count" => 2,
+        "models" => ["Intel(R) Xeon(R) CPU E31220 @ 3.10GHz", "Intel(R) Xeon(R) CPU E31220 @ 3.10GHz"],
+        "physicalcount" => 2
+      },
+      :puppetversion => '4.3.1',
+      :concat_basedir => '/dne',
+      :clientcert => 'puppet.example.com',
     }
   end 
 
+  let (:pre_condition) {
+    "package('puppetdb': ensure => present, }"
+  }
+
   context 'with defaults for all parameters' do
     it { is_expected.to create_class('profile::puppet_master') }
-    it { is_expected.to contain_package('mcollective-common') }
     it { is_expected.to contain_class('epel') }
+    it { is_expected.to contain_class('puppet') }
+
+    # These resources are included based on hieradata
+    it { is_expected.to contain_class('puppet::server') }
+    it { is_expected.to contain_package('puppetserver').
+      with_ensure('latest')
+    }
+
     it { is_expected.to contain_class('r10k') }
     it { is_expected.to contain_class('r10k::webhook') }
     it { is_expected.to contain_class('r10k::webhook::config') }
-    it { is_expected.to contain_firewall('100 allow agent checkins') }
     it { is_expected.to contain_firewall('110 zack-r10k web hook') }
   end
 end

dist/profile/spec/classes/puppetdb_spec.rb

@@ -2,9 +2,19 @@
 describe 'profile::puppetdb', :type => :class do
   let :facts do
     {
-      :osfamily               => 'RedHat',
-      :concat_basedir         => '/dne',
-      :kernel                 => 'Linux',
+      :kernel => 'Linux',
+      :osfamily => 'RedHat',
+      :operatingsystem => 'RedHat',
+      :operatingsystemmajrelease => '7',
+      :operatingsystemrelease => '7.2',
+      :processors => {
+        "count" => 2,
+        "models" => ["Intel(R) Xeon(R) CPU E31220 @ 3.10GHz", "Intel(R) Xeon(R) CPU E31220 @ 3.10GHz"],
+        "physicalcount" => 2
+      },
+      :puppetversion => '4.0.0',
+      :concat_basedir => '/dne',
+      :clientcert => 'puppet.example.com',
     }
   end
 

dist/profile/spec/fixtures/hieradata/default.yaml

@@ -12,3 +12,19 @@ local_users:
       - 'group1'
       - 'group2'
     password: 'encryptedstring'
+ssh::server::options:
+  'PermitRootLogin'          : 'yes'
+  'Protocol'                 : '2'
+  'SyslogFacility'           : 'AUTHPRIV'
+  'PasswordAuthentication'   : 'yes'
+  'GSSAPIAuthentication'     : 'yes'
+  'GSSAPICleanupCredentials' : 'yes'
+  'AcceptEnv'                : 'LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION LC_ALL LANGUAGE XMODIFIERS'
+  'Subsystem'                : '      sftp    /usr/libexec/openssh/sftp-server'
+  'Banner'                   : '/etc/issue.net'
+ssh::client::options:
+  'Host *' :
+    'SendEnv'                   : 'LANG LC_*'
+    'HashKnownHosts'            : 'yes'
+    'GSSAPIAuthentication'      : 'yes'
+    'GSSAPIDelegateCredentials' : 'no'

dist/profile/spec/fixtures/hieradata/dhcp.yaml

@@ -1,14 +1,14 @@
 ---
 dhcp_server_subnets:
-  '10.0.0.0':
-    broadcast   : '10.0.0.255'
+  '10.0.1.0':
+    broadcast   : '10.0.1.255'
     netmask     : '255.255.255.0'
-    routers     : '10.0.0.1'
-    range_begin : '10.0.0.100'
-    range_end   : '10.0.0.150'
+    routers     : '10.0.1.1'
+    range_begin : '10.0.1.100'
+    range_end   : '10.0.1.150'
     dns_servers :
-      - '10.0.0.1'
+      - '10.0.1.1'
 dhcp_server_hosts:
   sample:
-    address:   10.0.0.254
+    address:   10.0.1.254
     hwaddress: 00:00:00:00:00:0a