diff --git a/documentation/basic_usage.md b/documentation/basic_usage.md index 2f123051..27f7e36a 100644 --- a/documentation/basic_usage.md +++ b/documentation/basic_usage.md @@ -28,7 +28,7 @@ The reference implementation uses trusted facts to put nodes in the right groups 5. Create a parameters file. Example included below. Note at the top of the file are arguments which dictate which plans should be run, such as install+configure. 6. Run the pe\_xl plan with the inputs created. Example: - bolt plan run pe_xl \ + bolt plan run pe_xl::provision \ --inventory nodes.yaml \ --modulepath ~/modules \ --params @params.json @@ -59,10 +59,6 @@ Example params.json Bolt parameters file: ```json { - "install": true, - "configure": true, - "upgrade": false, - "master_host": "pe-xl-core-0.lab1.puppet.vm", "puppetdb_database_host": "pe-xl-core-1.lab1.puppet.vm", "master_replica_host": "pe-xl-core-2.lab1.puppet.vm", @@ -75,6 +71,6 @@ Example params.json Bolt parameters file: "console_password": "puppetlabs", "dns_alt_names": [ "puppet", "puppet.lab1.puppet.vm" ], "compiler_pool_address": "puppet.lab1.puppet.vm", - "version": "2018.1.4" + "version": "2019.1.1" } ``` diff --git a/documentation/install_and_configure_without_ha.md b/documentation/install_and_configure_without_ha.md index 610f6e0c..dae25ccd 100644 --- a/documentation/install_and_configure_without_ha.md +++ b/documentation/install_and_configure_without_ha.md @@ -14,7 +14,7 @@ The install, configure, and upgrade plans covered in the [basic_usage.md](basic_ 5. Create a parameters file. An example is included below. Note the omission of the `master_replica_host` and `puppetdb_database_replica_host` parameters. 6. Run the pe\_xl plan with the inputs created. Example: ``` - bolt plan run pe_xl \ + bolt plan run pe_xl::provision \ --inventory nodes.yaml \ --modulepath ~/modules \ --params @params.json 
@@ -45,10 +45,6 @@ groups: ```json { - "install": true, - "configure": true, - "upgrade": false, - "master_host": "pe-xl-core-0.lab1.puppet.vm", "puppetdb_database_host": "pe-xl-core-1.lab1.puppet.vm", "compiler_hosts": [ @@ -59,6 +55,6 @@ groups: "console_password": "puppetlabs", "dns_alt_names": [ "puppet", "puppet.lab1.puppet.vm" ], "compiler_pool_address": "puppet.lab1.puppet.vm", - "version": "2019.1.0" + "version": "2019.1.1" } ``` diff --git a/manifests/setup/master.pp b/manifests/setup/master.pp deleted file mode 100644 index 0d335c2e..00000000 --- a/manifests/setup/master.pp +++ /dev/null @@ -1,25 +0,0 @@ -# @summary Defines configuration needed at install time -# -class pe_xl::setup::master { - - # This is needed so that compiler certs can be signed. It's included by - # default in 2019.0 and newer, but isn't present in 2018.1. It would be - # preferable to use the hocon_setting resource, but we can't because it - # requires a gem not present by default. It would be preferable to use the - # pe_hocon_setting resource, but we can't because there's no Forge module - # that provides it for Bolt to use. So this is what we are reduced to. - $caconf = @(EOF) - # CA-related settings - certificate-authority: { - allow-subject-alt-names: true - } - | EOF - - file { '/etc/puppetlabs/puppetserver/conf.d/ca.conf': - ensure => file, - content => $caconf, - notify => Service['pe-puppetserver'], - } - - service { 'pe-puppetserver': } -} diff --git a/metadata.json b/metadata.json index e31d5efa..ee7a2b0b 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-pe_xl", - "version": "0.3.0", + "version": "0.4.0", "author": "Reid Vandewiele", "summary": "Bolt plans used to deploy an at-scale Puppet Enterprise architecture", "license": "Apache-2.0", @@ -46,7 +46,7 @@ "requirements": [ { "name": "puppet", - "version_requirement": ">= 6.0.0 < 7.0.0" + "version_requirement": ">= 6.0.2 < 7.0.0" } ], "pdk-version": "1.13.0", 
diff --git a/plans/init.pp b/plans/init.pp
deleted file mode 100644
index eba214ad..00000000
--- a/plans/init.pp
+++ /dev/null
@@ -1,104 +0,0 @@
-# @summary Single-entry-point plan for install, configure, and/or upgrade.
-# This plan accepts all possible parameters and can call sub-plans using them.
-# This is useful so that a single params.json file can be used which contains
-# all possible parameters for different actions, rather than needing multiple
-# params.json files with different combinations of the possible inputs.
-#
-plan pe_xl (
- Boolean $install = false,
- Boolean $configure = false,
- Boolean $upgrade = false,
-
- Optional[String[1]] $master_host = undef,
- Optional[String[1]] $puppetdb_database_host = undef,
- Optional[String[1]] $master_replica_host = undef,
- Optional[String[1]] $puppetdb_database_replica_host = undef,
- Optional[Array[String[1]]] $compiler_hosts = undef,
-
- Optional[String[1]] $console_password = undef,
- Optional[String[1]] $version = undef,
- Optional[Array[String[1]]] $dns_alt_names = undef,
- Optional[Boolean] $executing_on_master = undef,
-
- Optional[String] $r10k_remote = undef,
- Optional[String] $r10k_private_key_file = undef,
- Optional[Pe_xl::Pem] $r10k_private_key_content = undef,
-
- Optional[String[1]] $compiler_pool_address = undef,
- Optional[String[1]] $deploy_environment = undef,
-
- Optional[String[1]] $stagingdir = undef,
- Optional[Hash] $pe_conf_data = undef
-) {
-
- if $install {
- run_plan('pe_xl::install',
- # Large
- master_host => $master_host,
- compiler_hosts => $compiler_hosts,
- master_replica_host => $master_replica_host,
-
- # Extra Large
- puppetdb_database_host => $puppetdb_database_host,
- puppetdb_database_replica_host => $puppetdb_database_replica_host,
-
- # Common Configuration
- console_password => $console_password,
- version => $version,
- dns_alt_names => $dns_alt_names,
- pe_conf_data => $pe_conf_data,
-
- # Code Manager
- r10k_remote => $r10k_remote,
- r10k_private_key_file => $r10k_private_key_file,
- r10k_private_key_content => $r10k_private_key_content,
-
- # Other
- stagingdir => $stagingdir,
- )
- }
-
- if $configure {
- run_plan('pe_xl::configure',
- master_host => $master_host,
- puppetdb_database_host => $puppetdb_database_host,
- master_replica_host => $master_replica_host,
- puppetdb_database_replica_host => $puppetdb_database_replica_host,
- compiler_hosts => $compiler_hosts,
-
- executing_on_master => $executing_on_master,
- compiler_pool_address => $compiler_pool_address,
- deploy_environment => $deploy_environment,
-
- stagingdir => $stagingdir,
- )
- }
-
- if $upgrade {
- run_plan('pe_xl::upgrade',
- master_host => $master_host,
- puppetdb_database_host => $puppetdb_database_host,
- master_replica_host => $master_replica_host,
- puppetdb_database_replica_host => $puppetdb_database_replica_host,
-
- version => $version,
-
- stagingdir => $stagingdir,
- )
- }
-
- # Return a string banner reporting on what was done
- $actions = {
- 'install' => $install,
- 'configure' => $configure,
- 'upgrade' => $upgrade,
- }.filter |$keypair| {
- $keypair[1] == true
- }.map |$keypair| {
- $keypair[0]
- }.reduce |$actionlist,$action| {
- "${actionlist}, ${action}"
- }
-
- return("Performed action(s): ${actions}")
-}
diff --git a/plans/provision.pp b/plans/provision.pp
new file mode 100644
index 00000000..cf3b75ff
--- /dev/null
+++ b/plans/provision.pp
@@ -0,0 +1,73 @@
+# @summary Single-entry-point plan for installation and configuration of a new
+# Puppet Enterprise Extra Large cluster. This plan accepts all parameters
+# used by its sub-plans, and invokes them in order.
+#
+plan pe_xl::provision (
+ String[1] $master_host,
+ Optional[String[1]] $puppetdb_database_host = undef,
+ Optional[String[1]] $master_replica_host = undef,
+ Optional[String[1]] $puppetdb_database_replica_host = undef,
+ Optional[Array[String[1]]] $compiler_hosts = undef,
+
+ String[1] $version,
+ String[1] $console_password,
+ Optional[Array[String[1]]] $dns_alt_names = undef,
+ Optional[String[1]] $compiler_pool_address = undef,
+ Optional[Hash] $pe_conf_data = undef,
+
+ Optional[String] $r10k_remote = undef,
+ Optional[String] $r10k_private_key_file = undef,
+ Optional[Pe_xl::Pem] $r10k_private_key_content = undef,
+ Optional[String[1]] $deploy_environment = undef,
+
+ Optional[String[1]] $stagingdir = undef,
+ Optional[Boolean] $executing_on_master = undef,
+) {
+
+ run_plan('pe_xl::unit::install',
+ # Large
+ master_host => $master_host,
+ compiler_hosts => $compiler_hosts,
+ master_replica_host => $master_replica_host,
+
+ # Extra Large
+ puppetdb_database_host => $puppetdb_database_host,
+ puppetdb_database_replica_host => $puppetdb_database_replica_host,
+
+ # Common Configuration
+ version => $version,
+ console_password => $console_password,
+ dns_alt_names => $dns_alt_names,
+ pe_conf_data => $pe_conf_data,
+
+ # Code Manager
+ r10k_remote => $r10k_remote,
+ r10k_private_key_file => $r10k_private_key_file,
+ r10k_private_key_content => $r10k_private_key_content,
+
+ # Other
+ stagingdir => $stagingdir,
+ )
+
+ run_plan('pe_xl::unit::configure',
+ # Large
+ master_host => $master_host,
+ compiler_hosts => $compiler_hosts,
+ master_replica_host => $master_replica_host,
+
+ # Extra Large
+ puppetdb_database_host => $puppetdb_database_host,
+ puppetdb_database_replica_host => $puppetdb_database_replica_host,
+
+ # Common
Configuration + compiler_pool_address => $compiler_pool_address, + deploy_environment => $deploy_environment, + + # Other + stagingdir => $stagingdir, + executing_on_master => $executing_on_master, + ) + + # Return a string banner reporting on what was done + return('Provisioned Puppet Enterprise Extra Large cluster') +} diff --git a/plans/configure.pp b/plans/unit/configure.pp similarity index 99% rename from plans/configure.pp rename to plans/unit/configure.pp index 3cae30ed..dcc526ad 100644 --- a/plans/configure.pp +++ b/plans/unit/configure.pp @@ -1,6 +1,6 @@ # @summary Configure first-time classification and HA setup # -plan pe_xl::configure ( +plan pe_xl::unit::configure ( String[1] $master_host, Array[String[1]] $compiler_hosts = [ ], diff --git a/plans/install.pp b/plans/unit/install.pp similarity index 94% rename from plans/install.pp rename to plans/unit/install.pp index 88d3b530..b650c2ee 100644 --- a/plans/install.pp +++ b/plans/unit/install.pp @@ -13,7 +13,7 @@ # Config data to plane into pe.conf when generated on all hosts, this can be # used for tuning data etc. # -plan pe_xl::install ( +plan pe_xl::unit::install ( # Large String[1] $master_host, Array[String[1]] $compiler_hosts = [ ], 
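Review bot: `$console_password` and `$r10k_private_key_content` are declared as plain `String[1]` and `Pe_xl::Pem` in the `pe_xl::provision` parameter list and forwarded unchanged to `pe_xl::unit::install`, so both secrets travel through the plan as ordinary strings. If the Bolt version in use supports it, typing them as `Sensitive[String[1]]` and `Sensitive[Pe_xl::Pem]` and unwrapping them inside the unit plan would keep the values out of plan logging; that needs a matching change in `pe_xl::unit::install`, whose parameter list is only partly visible here. Independently, the header comment has no `@param` lines; at minimum add `# @param console_password Secret; keep the params file readable only by the operator` and a similar line for the r10k key parameters.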
@@ -316,18 +316,15 @@ ], ) - # Do a Puppet agent run to ensure certificate requests have been submitted - # These runs will "fail", and that's expected. - without_default_logging() || { - out::message("Starting: task pe_xl::puppet_runonce on ${agent_installer_hosts}") - run_task('pe_xl::puppet_runonce', $agent_installer_hosts, {_catch_errors => true}) - out::message("Finished: task pe_xl::puppet_runonce on ${agent_installer_hosts}") - } + # Ensure certificate requests have been submitted + run_command(@(HEREDOC), $agent_installer_hosts) + /opt/puppetlabs/bin/puppet ssl submit_request + | HEREDOC - # Ensure some basic configuration on the master needed at install time. - if ($version.versioncmp('2019.0') < 0) { - apply($master_host) { include pe_xl::setup::master }.pe_xl::print_apply_result - } + # TODO: come up with an intelligent way to validate that the expected CSRs + # have been submitted and are available for signing, prior to signing them. + # For now, waiting a short period of time is necessary to avoid a small race. + ctrl::sleep(15) run_command(inline_epp(@(HEREDOC)), $master_host) /opt/puppetlabs/bin/puppetserver ca sign --certname <%= $agent_installer_hosts.join(',') -%> diff --git a/tasks/code_manager.sh b/tasks/code_manager.sh index 819b6326..e59abcbe 100755 --- a/tasks/code_manager.sh +++ b/tasks/code_manager.sh @@ -70,7 +70,7 @@ function main() function deploy() { [ "$#" = 1 ] || { echo "specify an environment to deploy"; exit 1; } - cm_r10k deploy environment "$1" && commit + cm_r10k deploy environment "$1" -p && commit } function commit()
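Review bot: The `puppetserver ca sign --certname` call that follows the new `ctrl::sleep(15)` signs by certname only, so whatever CSR is pending under each name when the sleep ends is the one that receives a certificate; nothing in the hunk ties it to the host that ran `puppet ssl submit_request`. When the TODO is addressed, the validation step could check more than availability: compare the pending entries reported by `puppetserver ca list` on the master with the CSR fingerprints of the hosts in `$agent_installer_hosts` before signing. Separately, the new `run_command` drops the `_catch_errors => true` that the old `run_task` carried, so a failure of `puppet ssl submit_request` on any one host now stops the plan; if that is intended, a comment such as `# fail fast: a host that cannot submit a CSR must not reach the signing step` would record it. The plan body starts and ends outside this hunk.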
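Review bot: The new `-p` in `deploy()` is undocumented, and with it the deploy also installs every module listed in the environment's Puppetfile, so the code that lands on the master now depends on those module sources. Spell the option out and say why: `cm_r10k deploy environment "$1" --puppetfile && commit`, preceded by a comment like `# also deploy Puppetfile modules; pin them to fixed versions or commits`. `cm_r10k` is defined outside this hunk, so this assumes it passes its arguments through to r10k unchanged.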