Feature #4699

Support Puppet environmentpath and environment config files

Added by Dominic Cleal over 3 years ago. Updated over 3 years ago.

Status:Closed
Priority:High
Assigned To:Dominic Cleal
Category:Puppet
Target version:Foreman - Sprint 26
Difficulty: Bugzilla link:1118824
Found in release: Pull request:https://github.com/theforeman/smart-proxy/pull/168
Story points-
Velocity based estimate-
Release1.5.2Release relationshipAuto

Description

Puppet 3.5 added support for an environmentpath (very much like our own default /etc/puppet/environments/) and 3.6 adds an environment.conf to configure the modulepath etc within each environment. The proxy should understand these layouts.

https://groups.google.com/d/msg/puppet-dev/2QDi2ThnRJQ/EWrFJXa92i8J
https://tickets.puppetlabs.com/browse/PUP-1596


Related issues

Related to Installer - Feature #4700: Deploy Puppet environmentpath and environment config files Closed 03/19/2014
Duplicated by Foreman - Feature #6004: Puppet directory environments Duplicate 05/31/2014

Associated revisions

Revision 16db7a9c
Added by Dominic Cleal over 3 years ago

fixes #4699 - support Puppet environments API for directory envs

History

#1 Updated by Alexandros Tsourakis over 3 years ago

Just wanted to say that I just came upon this. I switched Puppet to use directory environments and Foreman proxy started throwing these:

Unable to get classes from Puppet for production ([RestClient::NotAcceptable]: 406 Not Acceptable

E, [2014-05-21T11:07:20.501618 #8861] ERROR -- : Failed to show puppet classes: no 'environments' in {:current_environment=>#<Puppet::Node::Environment:0x7f2195e40eb8 @manifest="/", @name=:"*root*", @modulepath=[], @watching=true, @config_version=nil>, :root_environment=>#<Puppet::Node::Environment:0x7f2195e40eb8 @manifest="/", @name=:"*root*", @modulepath=[], @watching=true, @config_version=nil>} at top of []

As a workaround, I re-entered the environment sections ([production], [testing], etc) in puppet.conf. Puppet ignores them due to environmentpath being set and Foreman is able to import again.

#2 Updated by Dominic Cleal over 3 years ago

  • Priority changed from Normal to Urgent

#3 Updated by Paul Calabro over 3 years ago

I'm seeing the exact same issue!

Please let me know if you need anything.

#4 Updated by Dominic Cleal over 3 years ago

  • Priority changed from Urgent to High

It seems there's a bug when not using environmentpath which gives the same error - we'll work on this under #5856, while adding environmentpath support will be under this ticket (less urgent).

#5 Updated by Dominic Cleal over 3 years ago

  • Related to Feature #4700: Deploy Puppet environmentpath and environment config files added

#6 Updated by Dominic Cleal over 3 years ago

  • Duplicated by Feature #6004: Puppet directory environments added

#7 Updated by Dominic Cleal over 3 years ago

  • Status changed from New to Assigned
  • Assigned To set to Dominic Cleal
  • Target version set to Sprint 25

#8 Updated by Dominic Cleal over 3 years ago

  • Status changed from Assigned to Ready For Testing

#9 Updated by Dominic Cleal over 3 years ago

For anybody wanting to test this on 1.5, here's a rebased patch - please back up your proxy config before using, it's new! This queries Puppet's v2.0 API on localhost to fetch the list of environments, and defaults to the usual hostname and certificate locations, so hopefully it'll work out of the box for most people - unusual setups may need to change settings.yml, see the example.

https://github.com/domcleal/smart-proxy/compare/theforeman:1.5-stable...4699-environmentpath-15.patch

#10 Updated by Jason Smith over 3 years ago

Dominic Cleal wrote:

For anybody wanting to test this on 1.5, here's a rebased patch - please back up your proxy config before using, it's new! This queries Puppet's v2.0 API on localhost to fetch the list of environments, and defaults to the usual hostname and certificate locations, so hopefully it'll work out of the box for most people - unusual setups may need to change settings.yml, see the example.

https://github.com/domcleal/smart-proxy/compare/theforeman:1.5-stable...4699-environmentpath-15.patch

I applied this patch to our test puppet server, with foreman-proxy-1.5.1 & puppet-server-3.6.2 installed and environmentpath set to $confdir/environments, it appears to work perfectly. Tested by running "ruby193-rake RAILS_ENV=production puppet:import:puppet_classes" on the Foreman server. Thanks!

#11 Updated by Florian Sachs over 3 years ago

Works here. No changes in settings.yml were necessary

I used this patch on a RHEL6.5, x86_64, puppet-3.6.1, foreman-proxy-1.5.1, foreman-1.5.1, all Packages installed via rpm.

Besides complaining that the tests could not be patched - of course, as they are not in the rpm - the patch could be applied on the files in /usr/share/foreman-proxy and worked! Thank you!

#12 Updated by Elisiano Petrini over 3 years ago

Thanks for fixing this.
I'm not familiar with the Foreman release cycle, so apologies in advance if the following question has an obvious answer:
When can we expect to find this patch in an RPM release?

Thanks!

#13 Updated by Evgeny Vasilchenko over 3 years ago

Dominic Cleal wrote:

For anybody wanting to test this on 1.5, here's a rebased patch - please back up your proxy config before using, it's new! This queries Puppet's v2.0 API on localhost to fetch the list of environments, and defaults to the usual hostname and certificate locations, so hopefully it'll work out of the box for most people - unusual setups may need to change settings.yml, see the example.

https://github.com/domcleal/smart-proxy/compare/theforeman:1.5-stable...4699-environmentpath-15.patch

The patch worked fine for me: Ubuntu 12.04.04 LTS, x86_64, Puppet 3.6.2, Foreman 1.5.1 (upgraded from 1.5.0)

cd /usr/share/foreman-proxy
curl https://github.com/domcleal/smart-proxy/compare/theforeman:1.5-stable...4699-environmentpath-15.patch | patch -p1

It gives an error about patching files in tests/ but it can be ignored...
I can import Puppet modules and environments now.

-------- /etc/puppet.conf --------
[main]
...
  1. Enable Directory Environemnts
    environmentpath = $confdir/environments
    basemodulepath = $confdir/modules:/usr/share/puppet/modules

-------- /etc/puppet.conf --------

Thank you very much!

#14 Updated by Evgeny Vasilchenko over 3 years ago

Well - not that fast...

After patch Foreman understands the directory environments, but now I having troubles importing Puppet modules into it.
It's working somehow strange - sometimes it allows to import newly installed classes and sometimes not

roo@host: puppet module install puppetlabs-inifile
<succesfully installed..>

roo@host: puppet module list

/etc/puppet/modules
├── puppetlabs-inifile (v1.1.0)
└── puppetlabs-motd (v1.1.0)

Go to Confugure>> Puppet classes>> [Import from <hostanme> button]

Green pop-up message [No changes to your environments detected]

However I've managed to import the motd module a few minutes ago exactly the same way!

#15 Updated by Dominic Cleal over 3 years ago

Elisiano Petrini wrote:

Thanks for fixing this.
I'm not familiar with the Foreman release cycle, so apologies in advance if the following question has an obvious answer:
When can we expect to find this patch in an RPM release?

I'm hoping to include it in Foreman 1.5.2 within a few weeks. Once somebody's reviewed it, then it'll also be available in our nightly RPMs.

#16 Updated by Dominic Cleal over 3 years ago

Evgeny Vasilchenko wrote:

Well - not that fast...

After patch Foreman understands the directory environments, but now I having troubles importing Puppet modules into it.
It's working somehow strange - sometimes it allows to import newly installed classes and sometimes not

roo@host: puppet module install puppetlabs-inifile
<succesfully installed..>

The inifile module doesn't contain any classes (no manifests/ directory), so there's nothing for Foreman to import - it's transparent to Foreman, so you can immediately start using it.

#17 Updated by Dmitri Dolguikh over 3 years ago

  • Target version changed from Sprint 25 to Sprint 26

#18 Updated by Paul Seymour over 3 years ago

Hi - I have applied the patch and now I am getting this error:-

E, [2014-07-11T10:50:32.833458 #7140] ERROR -- : Failed to list puppet environments: hostname was not match with the server certificate

Although I suspect it is due to the fact that I am using an HA pair of PuppetMasters I have a Virtual Name/IP cert in the Puppet certs I am getting this trying to import via the smart proxy:-

The Puppet SSL cert shows:-
/usr/bin/openssl x509 -in /etc/puppet/ssl/certs/puppet3.&lt;domain&gt;.pem -text -noout | egrep "Subject:|DNS"
Subject: CN=puppet3.&lt;domain&gt;
DNS:puppet3.&lt;domain&gt;, DNS:vrdevpup003, DNS:vrdevpup003&lt;domain&gt;, DNS:vrdevpup004, DNS:vrdevpup004&lt;domain&gt;

I have tried but the virtual name, and the actual name of the host in these settings.yml entries:
:puppet_url:
:puppet_ssl_ca:
:puppet_ssl_cert:
:puppet_ssl_key:

#19 Updated by Dominic Cleal over 3 years ago

Setting puppet_url should do the trick, but it has to be a full URL, not a hostname: :puppet_url: https://puppet3.domain:8140

#20 Updated by Paul Seymour over 3 years ago

It did thanks thought I had tried that and many other options besides. And then rather embarrasingly I left a typo in the :puppet_url field... Sigh.

On the plus side the patch works fine for the directory environments.

Sorry.

#21 Updated by Dominic Cleal over 3 years ago

No worries, I'm very glad somebody with a non-standard SSL setup has tried it too, thanks for the feedback!

#22 Updated by Dominic Cleal over 3 years ago

  • Release set to 1.5.2

#23 Updated by Bryan Kearney over 3 years ago

  • Bugzilla link set to 1118824

#24 Updated by The Foreman Bot over 3 years ago

  • Pull request https://github.com/theforeman/smart-proxy/pull/168 added

#25 Updated by Dominic Cleal over 3 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

Also available in: Atom PDF