Feature #4699
closedSupport Puppet environmentpath and environment config files
Description
Puppet 3.5 added support for an environmentpath (very much like our own default /etc/puppet/environments/) and 3.6 adds an environment.conf to configure the modulepath etc within each environment. The proxy should understand these layouts.
https://groups.google.com/d/msg/puppet-dev/2QDi2ThnRJQ/EWrFJXa92i8J
https://tickets.puppetlabs.com/browse/PUP-1596
Updated by Alexandros Tsourakis over 10 years ago
Just wanted to say that I just came upon this. I switched Puppet to use directory environments and Foreman proxy started throwing these:
Unable to get classes from Puppet for production ([RestClient::NotAcceptable]: 406 Not Acceptable
E, [2014-05-21T11:07:20.501618 #8861] ERROR -- : Failed to show puppet classes: no 'environments' in {:current_environment=>#<Puppet::Node::Environment:0x7f2195e40eb8 @manifest="/", @name=:"*root*", @modulepath=[], @watching=true, @config_version=nil>, :root_environment=>#<Puppet::Node::Environment:0x7f2195e40eb8 @manifest="/", @name=:"*root*", @modulepath=[], @watching=true, @config_version=nil>} at top of []
As a workaround, I re-entered the environment sections ([production], [testing], etc) in puppet.conf. Puppet ignores them due to environmentpath being set and Foreman is able to import again.
Updated by Dominic Cleal over 10 years ago
- Priority changed from Normal to Urgent
Updated by Paul Calabro over 10 years ago
I'm seeing the exact same issue!
Please let me know if you need anything.
Updated by Dominic Cleal over 10 years ago
- Priority changed from Urgent to High
It seems there's a bug when not using environmentpath which gives the same error - we'll work on this under #5856, while adding environmentpath support will be under this ticket (less urgent).
Updated by Dominic Cleal over 10 years ago
- Related to Feature #4700: Deploy Puppet environmentpath and environment config files added
Updated by Dominic Cleal over 10 years ago
- Has duplicate Feature #6004: Puppet directory environments added
Updated by Dominic Cleal over 10 years ago
- Status changed from New to Assigned
- Assignee set to Dominic Cleal
- Target version set to 1.8.1
Updated by Dominic Cleal over 10 years ago
- Status changed from Assigned to Ready For Testing
Updated by Dominic Cleal over 10 years ago
For anybody wanting to test this on 1.5, here's a rebased patch - please back up your proxy config before using, it's new! This queries Puppet's v2.0 API on localhost to fetch the list of environments, and defaults to the usual hostname and certificate locations, so hopefully it'll work out of the box for most people - unusual setups may need to change settings.yml, see the example.
Updated by Jason Smith over 10 years ago
Dominic Cleal wrote:
For anybody wanting to test this on 1.5, here's a rebased patch - please back up your proxy config before using, it's new! This queries Puppet's v2.0 API on localhost to fetch the list of environments, and defaults to the usual hostname and certificate locations, so hopefully it'll work out of the box for most people - unusual setups may need to change settings.yml, see the example.
I applied this patch to our test puppet server, with foreman-proxy-1.5.1 & puppet-server-3.6.2 installed and environmentpath set to $confdir/environments, it appears to work perfectly. Tested by running "ruby193-rake RAILS_ENV=production puppet:import:puppet_classes" on the Foreman server. Thanks!
Updated by Florian Sachs over 10 years ago
Works here. No changes in settings.yml were necessary
I used this patch on a RHEL6.5, x86_64, puppet-3.6.1, foreman-proxy-1.5.1, foreman-1.5.1, all Packages installed via rpm.
Besides complaining that the tests could not be patched - of course, as they are not in the rpm - the patch could be applied on the files in /usr/share/foreman-proxy and worked! Thank you!
Updated by Elisiano Petrini over 10 years ago
Thanks for fixing this.
I'm not familiar with the Foreman release cycle, so apologies in advance if the following question has an obvious answer:
When can we expect to find this patch in an RPM release?
Thanks!
Updated by Evgeny Vasilchenko over 10 years ago
Dominic Cleal wrote:
For anybody wanting to test this on 1.5, here's a rebased patch - please back up your proxy config before using, it's new! This queries Puppet's v2.0 API on localhost to fetch the list of environments, and defaults to the usual hostname and certificate locations, so hopefully it'll work out of the box for most people - unusual setups may need to change settings.yml, see the example.
The patch worked fine for me: Ubuntu 12.04.04 LTS, x86_64, Puppet 3.6.2, Foreman 1.5.1 (upgraded from 1.5.0)
cd /usr/share/foreman-proxy
curl https://github.com/domcleal/smart-proxy/compare/theforeman:1.5-stable...4699-environmentpath-15.patch | patch -p1
It gives an error about patching files in tests/ but it can be ignored...
I can import Puppet modules and environments now.
[main]
...
- Enable Directory Environemnts
environmentpath = $confdir/environments
basemodulepath = $confdir/modules:/usr/share/puppet/modules
-------- /etc/puppet.conf --------
Thank you very much!
Updated by Evgeny Vasilchenko over 10 years ago
Well - not that fast...
After patch Foreman understands the directory environments, but now I having troubles importing Puppet modules into it.
It's working somehow strange - sometimes it allows to import newly installed classes and sometimes not
roo@host: puppet module install puppetlabs-inifile
<succesfully installed..>
roo@host: puppet module list
/etc/puppet/modules
├── puppetlabs-inifile (v1.1.0)
└── puppetlabs-motd (v1.1.0)
Go to Confugure>> Puppet classes>> [Import from <hostanme> button]
Green pop-up message [No changes to your environments detected]
However I've managed to import the motd module a few minutes ago exactly the same way!
Updated by Dominic Cleal over 10 years ago
Elisiano Petrini wrote:
Thanks for fixing this.
I'm not familiar with the Foreman release cycle, so apologies in advance if the following question has an obvious answer:
When can we expect to find this patch in an RPM release?
I'm hoping to include it in Foreman 1.5.2 within a few weeks. Once somebody's reviewed it, then it'll also be available in our nightly RPMs.
Updated by Dominic Cleal over 10 years ago
Evgeny Vasilchenko wrote:
Well - not that fast...
After patch Foreman understands the directory environments, but now I having troubles importing Puppet modules into it.
It's working somehow strange - sometimes it allows to import newly installed classes and sometimes notroo@host: puppet module install puppetlabs-inifile
<succesfully installed..>
The inifile module doesn't contain any classes (no manifests/ directory), so there's nothing for Foreman to import - it's transparent to Foreman, so you can immediately start using it.
Updated by Anonymous over 10 years ago
- Target version changed from 1.8.1 to 1.8.0
Updated by Paul Seymour over 10 years ago
Hi - I have applied the patch and now I am getting this error:-
E, [2014-07-11T10:50:32.833458 #7140] ERROR -- : Failed to list puppet environments: hostname was not match with the server certificate
Although I suspect it is due to the fact that I am using an HA pair of PuppetMasters I have a Virtual Name/IP cert in the Puppet certs I am getting this trying to import via the smart proxy:-
The Puppet SSL cert shows:-
/usr/bin/openssl x509 -in /etc/puppet/ssl/certs/puppet3.<domain>.pem -text -noout | egrep "Subject:|DNS"
Subject: CN=puppet3.<domain>
DNS:puppet3.<domain>, DNS:vrdevpup003, DNS:vrdevpup003<domain>, DNS:vrdevpup004, DNS:vrdevpup004<domain>
I have tried but the virtual name, and the actual name of the host in these settings.yml entries:
:puppet_url:
:puppet_ssl_ca:
:puppet_ssl_cert:
:puppet_ssl_key:
Updated by Dominic Cleal over 10 years ago
Setting puppet_url should do the trick, but it has to be a full URL, not a hostname: :puppet_url: https://puppet3.domain:8140
Updated by Paul Seymour over 10 years ago
It did thanks thought I had tried that and many other options besides. And then rather embarrasingly I left a typo in the :puppet_url field... Sigh.
On the plus side the patch works fine for the directory environments.
Sorry.
Updated by Dominic Cleal over 10 years ago
No worries, I'm very glad somebody with a non-standard SSL setup has tried it too, thanks for the feedback!
Updated by Dominic Cleal over 10 years ago
- Translation missing: en.field_release set to 18
Updated by The Foreman Bot over 10 years ago
- Pull request https://github.com/theforeman/smart-proxy/pull/168 added
- Pull request deleted (
)
Updated by Dominic Cleal over 10 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 16db7a9c74abfba21b65d9f0e9a05096c3c7f8fb.