Puppet Plan: peadm::subplans::configure

Defined in:
plans/subplans/configure.pp

Summary

Configure first-time classification and DR setup

Overview

Parameters:

  • compiler_pool_address (String) (defaults to: $primary_host.peadm::certname()

    The service address used by agents to connect to compilers, or the Puppet service. Typically this is a load balancer.

  • internal_compiler_a_pool_address (Optional[String]) (defaults to: undef)

    A load balancer address directing traffic to any of the “A” pool compilers. This is used for DR configuration in large and extra large architectures.

  • internal_compiler_b_pool_address (Optional[String]) (defaults to: undef)

    A load balancer address directing traffic to any of the “B” pool compilers. This is used for DR configuration in large and extra large architectures.

  • ldap_config (Optional[Peadm::Ldap_config]) (defaults to: undef)

    This hash contains the options necessary for configuring the LDAP connection on the main server.

  • final_agent_state (Enum['running', 'stopped']) (defaults to: 'running')

    Configures the state the puppet agent should be in on infrastructure nodes after PE is configured successfully.

  • primary_host (Peadm::SingleTargetSpec)
  • replica_host (Optional[Peadm::SingleTargetSpec]) (defaults to: undef)
  • compiler_hosts (Optional[TargetSpec]) (defaults to: undef)
  • legacy_compilers (Optional[TargetSpec]) (defaults to: undef)
  • primary_postgresql_host (Optional[Peadm::SingleTargetSpec]) (defaults to: undef)
  • replica_postgresql_host (Optional[Peadm::SingleTargetSpec]) (defaults to: undef)
  • token_file (Optional[String]) (defaults to: undef)
  • deploy_environment (Optional[String]) (defaults to: undef)
  • stagingdir (String) (defaults to: '/tmp') 


23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
 
# File 'plans/subplans/configure.pp', line 23

plan peadm::subplans::configure (
  # Standard
  Peadm::SingleTargetSpec           $primary_host,
  Optional[Peadm::SingleTargetSpec] $replica_host = undef,

  # Large
  Optional[TargetSpec]              $compiler_hosts = undef,
  Optional[TargetSpec]              $legacy_compilers = undef,

  # Extra Large
  Optional[Peadm::SingleTargetSpec] $primary_postgresql_host = undef,
  Optional[Peadm::SingleTargetSpec] $replica_postgresql_host = undef,

  # Common Configuration
  String                       $compiler_pool_address            = $primary_host.peadm::certname(),
  Optional[String]             $internal_compiler_a_pool_address = undef,
  Optional[String]             $internal_compiler_b_pool_address = undef,
  Optional[String]             $token_file                       = undef,
  Optional[String]             $deploy_environment               = undef,
  Optional[Peadm::Ldap_config] $ldap_config                      = undef,

  # Other
  String           $stagingdir                   = '/tmp',
  Enum['running', 'stopped'] $final_agent_state  = 'running'
) {
  # TODO: get and validate PE version

  # Convert inputs into targets.
  $primary_target                   = peadm::get_targets($primary_host, 1)
  $replica_target                   = peadm::get_targets($replica_host, 1)
  $replica_postgresql_target        = peadm::get_targets($replica_postgresql_host, 1)
  $compiler_targets                 = peadm::get_targets($compiler_hosts)
  $legacy_compiler_targets                   = peadm::get_targets($legacy_compilers)
  $primary_postgresql_target        = peadm::get_targets($primary_postgresql_host, 1)

  # Ensure input valid for a supported architecture
  $arch = peadm::assert_supported_architecture(
    $primary_host,
    $replica_host,
    $primary_postgresql_host,
    $replica_postgresql_host,
    $compiler_hosts,
    $legacy_compilers,
  )

  # Source list of files on Primary and synchronize to new Replica
  $common_content_source   = '/etc/puppetlabs/puppet/hiera.yaml'
  $replica_content_sources = [
    '/opt/puppetlabs/server/data/console-services/certs/ad_ca_chain.pem',
    '/etc/puppetlabs/orchestration-services/conf.d/secrets/keys.json',
    '/etc/puppetlabs/orchestration-services/conf.d/secrets/orchestrator-encryption-keys.json',
    '/etc/puppetlabs/console-services/conf.d/secrets/keys.json',
  ]

  run_plan('peadm::util::copy_file', peadm::flatten_compact([
        $replica_target,
        $compiler_targets,
        $legacy_compiler_targets,
    ]),
    source_host   => $primary_target,
    path          => $common_content_source
  )

  parallelize($replica_content_sources) |$path| {
    run_plan('peadm::util::copy_file', $replica_target,
      source_host   => $primary_target,
      path          => $path
    )
  }

  # Set up the console node groups to configure the various hosts in their roles

  apply($primary_target) {
    class { 'peadm::setup::node_manager_yaml':
      primary_host => $primary_target.peadm::certname(),
    }

    class { 'peadm::setup::node_manager':
      primary_host                     => $primary_target.peadm::certname(),
      server_a_host                    => $primary_target.peadm::certname(),
      server_b_host                    => $replica_target.peadm::certname(),
      postgresql_a_host                => $primary_postgresql_target.peadm::certname(),
      postgresql_b_host                => $replica_postgresql_target.peadm::certname(),
      compiler_pool_address            => $compiler_pool_address,
      internal_compiler_a_pool_address => $internal_compiler_a_pool_address,
      internal_compiler_b_pool_address => $internal_compiler_b_pool_address,
      require                          => Class['peadm::setup::node_manager_yaml'],
    }
  }

  if $arch['disaster-recovery'] {
    # Run the PE Replica Provision
    run_task('peadm::provision_replica', $primary_target,
      replica    => $replica_target.peadm::certname(),
      token_file => $token_file,

      # Race condition, where the provision command checks PuppetDB status and
      # probably gets "starting", but fails out because that's not "running".
      # Can remove flag when that issue is fixed.
      legacy     => true,
    )
  }

  if $ldap_config {
    # Run the task to configure ldap
    $ldap_result = run_task('peadm::pe_ldap_config', $primary_target,
      pe_main         => $primary_target.peadm::certname(),
      ldap_config     => $ldap_config,
      '_catch_errors' => true,
    )

    # If there was an LDAP failure, note it and continue.
    if $ldap_result[0].error {
      out::message('There was a problem with the LDAP configuration, configuration must be completed manually.')
      out::message($ldap_result.to_data)
    }
  }

  # Run Puppet everywhere to pick up last remaining config tweaks
  run_task('peadm::puppet_runonce', peadm::flatten_compact([
        $primary_target,
        $primary_postgresql_target,
        $compiler_targets,
        $legacy_compiler_targets,
        $replica_target,
        $replica_postgresql_target,
  ]))

  # Deploy an environment if a deploy environment is specified
  if $deploy_environment {
    run_task('peadm::code_manager', $primary_target,
      action => "deploy ${deploy_environment}",
    )
  }

  # Configure Puppet agent service status now that configuration is complete
  $systemctl_state = $final_agent_state ? {
    'running' => 'start',
    'stopped' => 'stop'
  }
  run_command("systemctl ${systemctl_state} puppet", peadm::flatten_compact([
        $primary_target,
        $replica_target,
        $primary_postgresql_target,
        $replica_postgresql_target,
        $compiler_targets,
        $legacy_compiler_targets,
  ]))

  return("Configuration of Puppet Enterprise ${arch['architecture']} succeeded.")
}