diff --git a/functions/fail_on_transport.pp b/functions/fail_on_transport.pp new file mode 100644 index 00000000..2e2f1780 --- /dev/null +++ b/functions/fail_on_transport.pp @@ -0,0 +1,22 @@ +# Fails if any nodes have the chosen transport. +# +# Useful for excluding PCP when it's not appopriate +# +function pe_xl::fail_on_transport ( + TargetSpec $nodes, + String $transport, +) { + $targets = get_targets($nodes) + $targets.each |$target| { + if $target.protocol == $transport { + fail_plan( + "${target.name} uses ${transport} transport. This is not supported", + 'unexpected-transport', + { + 'target' => $target, + 'transport' => $transport, + } + ) + } + } +} diff --git a/plans/upgrade.pp b/plans/upgrade.pp index 0772566e..ac972707 100644 --- a/plans/upgrade.pp +++ b/plans/upgrade.pp @@ -6,12 +6,25 @@ Optional[String[1]] $master_replica_host = undef, Optional[String[1]] $puppetdb_database_replica_host = undef, - String[1] $version = '2018.1.4', + String[1] $version, + + # This parameter exists to enable the use case of running pe_xl::upgrade over + # the PCP transport. An orchestrator restart happens during provision + # replica. Running `bolt plan run` directly on the master and using local + # transport for that node will let the plan to run to completion without + # failing due to being disconnected from the orchestrator. + Boolean $executing_on_master = false, String[1] $stagingdir = '/tmp', String[1] $pe_source = "https://s3.amazonaws.com/pe-builds/released/${version}/puppet-enterprise-${version}-el-7-x86_64.tar.gz", ) { + # Allow for the upgrade task to be run local to the master. + $master_target = $executing_on_master ? { + true => "local://${master_host}", + false => $master_host, + } + $ha_replica_target = [ $master_replica_host, ].pe_xl::flatten_compact() @@ -40,7 +53,7 @@ | PQL $all_hosts = [ - $master_host, + $master_target, $puppetdb_database_host, $master_replica_host, $puppetdb_database_replica_host, @@ -48,7 +61,8 @@ $compiler_cluster_master_replica_hosts, ].pe_xl::flatten_compact() - $master_local = "local://${master_host}" + # We need to make sure we aren't using PCP as this will go down during the upgrade + $all_hosts.pe_xl::fail_on_transport('pcp') # TODO: Do we need to update the pe.conf(s) with a console password? @@ -56,7 +70,7 @@ $upload_tarball_path = "/tmp/puppet-enterprise-${version}-el-7-x86_64.tar.gz" $download_hosts = [ - $master_host, + $master_target, $puppetdb_database_host, $puppetdb_database_replica_host, ].pe_xl::flatten_compact() @@ -81,7 +95,7 @@ # Shut down pe-* services on the master. Only shutting down the ones # that have failover pairs on the master replica. ['pe-console-services', 'pe-nginx', 'pe-puppetserver', 'pe-puppetdb', 'pe-postgresql'].each |$service| { - run_task('service', $master_local, + run_task('service', $master_target, action => 'stop', name => $service, ) @@ -89,9 +103,7 @@ # TODO: Firewall up the master - # Upgrade the master using the local:// transport in anticipation of - # the orchestrator service being restarted during the upgrade. - run_task('pe_xl::pe_install', $master_local, + run_task('pe_xl::pe_install', $master_target, tarball => $upload_tarball_path, ) @@ -104,7 +116,7 @@ run_task('pe_xl::puppet_runonce', $puppetdb_database_host) # Stop PuppetDB on the master - run_task('service', $master_local, + run_task('service', $master_target, action => 'stop', name => 'pe-puppetdb', ) @@ -112,7 +124,7 @@ # TODO: Unblock 8081 between the master and the master replica # Start PuppetDB on the master - run_task('service', $master_local, + run_task('service', $master_target, action => 'start', name => 'pe-puppetdb', ) @@ -120,7 +132,7 @@ # TODO: Remove remaining firewall blocks # Wait until orchestrator service is healthy to proceed - run_task('pe_xl::orchestrator_healthcheck', $master_local) + run_task('pe_xl::orchestrator_healthcheck', $master_target) # Upgrade the compiler group A hosts run_task('pe_xl::agent_upgrade', $compiler_cluster_master_hosts,