Puppet 4 support in Foreman

Transcript

1. Questions Puppet 4 Puppet Module Updates Installer Updates Proxy Updates

   Core Updates Puppet 3 to Puppet 4 Future Work Thanks! Puppet 4 support in Foreman Michael Moll <[email protected]> cfgmgmtcamp Gent 7th February 2017 1 / 12

2. Questions Puppet 4 Puppet Module Updates Installer Updates Proxy Updates

   Core Updates Puppet 3 to Puppet 4 Future Work Thanks! Questions Who does not use Foreman, yet? Who does not use Puppet? Anybody still using Puppet 2.x? Anybody using Puppet 3.x? Who is already using Puppet 4? Who is already using Puppet 4 with Foreman? 2 / 12

3. Questions Puppet 4 Puppet Module Updates Installer Updates Proxy Updates

   Core Updates Puppet 3 to Puppet 4 Future Work Thanks! Puppet 4 Support - Why did it take so long? Important changes in Puppet 4: Clojure/JVM based Puppet Server replacing Ruby based Puppet Master AIO packaging for Puppet Agent, bringing its own Ruby For Foreman users, no changes are visible. However, there were pretty big changes needed from a technical perspective. 3 / 12

4. Questions Puppet 4 Puppet Module Updates Installer Updates Proxy Updates

   Core Updates Puppet 3 to Puppet 4 Future Work Thanks! Consequences for Foreman components Puppet modules theforeman-puppet needs to configure Puppet Server instead of Puppet Master theforeman-puppet needs to handle config file changes from 3.x to 4.x all modules need to set correct default paths all modules have to be future/4.x parser compatible Installer can’t load Puppet directly anymore Puppet and the installer used to run in the same Ruby environment Proxy can’t load Puppet directly anymore Puppet agent, Puppet master (sharing e.g. parser code) and the proxy used to run in the same Ruby Foreman needs to understand nested data in structured facts 4 / 12

5. Questions Puppet 4 Puppet Module Updates Installer Updates Proxy Updates

   Core Updates Puppet 3 to Puppet 4 Future Work Thanks! Puppet Module Updates Modules were already Puppet 4 compliant mostly because of former future parser work Reports/ENC required no changes (JRuby is still there in the JVM!) Huge PR for Puppet AIO agent support (and lots of refactorings) from mcanevet and roidelapluie - merci! (Very basic) support for Puppet Server 1 was already there Huge PR for Puppet Server 2 support from jyaworski - dzi˛ ekujemy! Ongoing: Puppet server minor updates need handling... E.g. bootstrap.cfg and ca.cfg on 2.4 -> 2.5 There is no fact for that. smart-proxy provider without apipie-bindings gem used to register proxies unattended in Foreman via OAuth 5 / 12

6. Questions Puppet 4 Puppet Module Updates Installer Updates Proxy Updates

   Core Updates Puppet 3 to Puppet 4 Future Work Thanks! First things first: What is that installer? Puppet modules to configure Foreman, Foreman-Proxy, Puppet... kafo_parsers gem to extract Puppet class structure and parameters Information about top-level classes and application specific default parameters is provided as YAML files (similar to hiera) kafo gem is using these informations to provide a CLI frontend for execution (puppet apply) and optional parameter editing The resulting application is called foreman-installer Answers (Puppet class parameter values) are saved into the answer file 6 / 12

7. Questions Puppet 4 Puppet Module Updates Installer Updates Proxy Updates

   Core Updates Puppet 3 to Puppet 4 Future Work Thanks! Installer Updates More decoupling of installer and Puppet class parser. Creation of a parser cache at build time. New parser based on puppet-strings. Decoupling of Puppet execution. 7 / 12

8. Questions Puppet 4 Puppet Module Updates Installer Updates Proxy Updates

   Core Updates Puppet 3 to Puppet 4 Future Work Thanks! Proxy Updates The puppet feature now has multiple backends (like DHCP and DNS already had before for e.g. ISC and MS backends). According to the puppet_version parameter, the correct backend is chosen. For Puppet 4, API calls from the proxy to the Puppet Server are used for Puppet class and parameter import. Newer versions of Puppet Server implement better caching support (HTTP ETag) for the API used. Older versions load Puppet directly into the proxy, just like before. 8 / 12

9. Questions Puppet 4 Puppet Module Updates Installer Updates Proxy Updates

   Core Updates Puppet 3 to Puppet 4 Future Work Thanks! Core Updates Central parser for structured facts (Facter 3.x) re-usable for other Configuration Management plugins. other plugins had to implement own parsers each before. foreman_ansible already switched to it. 9 / 12

10. Questions Puppet 4 Puppet Module Updates Installer Updates Proxy Updates

    Core Updates Puppet 3 to Puppet 4 Future Work Thanks! Upgrading from Puppet 3 to Puppet 4 http://projects.theforeman.org/projects/foreman/wiki/ Upgrading_from_Puppet_3_to_4 A very long installer command, resetting all the affected parameters and setting the master implementation to puppetserver. Katello: foreman-installer --upgrade-puppet 10 / 12

11. Questions Puppet 4 Puppet Module Updates Installer Updates Proxy Updates

    Core Updates Puppet 3 to Puppet 4 Future Work Thanks! Future Work Using Puppet Server API for Puppet CA related actions. Importing and mapping data types from Puppet modules. Adding PXP as puppetrun command. Extracting Puppet support to a plugin. 11 / 12

12. Questions Puppet 4 Puppet Module Updates Installer Updates Proxy Updates

    Core Updates Puppet 3 to Puppet 4 Future Work Thanks! Thanks! Questions? Discussion! 12 / 12