Version information
This version is compatible with:
- Puppet Enterprise >= 3.2.0 < 2016.2.0
- , , , , , , , ,
Start using this module
Add this module to your Puppetfile:
mod 'aharden-puppet_ent_agent', '2.0.5'Learn more about managing modules with a PuppetfileDocumentation
#puppet_ent_agent
####Table of Contents
- Overview
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with pe_agent
- Usage - Configuration options and additional functionality
- Limitations - OS compatibility, etc.
##Overview
The puppet_ent_agent module configures and manages the Puppet Enterprise Agent software and service. It can also upgrade the agent software on PE 3.x deployments.
##Module Description
The puppet_ent_agent module's upgrade capability is dependent on the PE Package Repositories (pe_repo classes) available on any Puppet Enterprise Master version 3.2 or greater. This module was designed so that PE users can easily upgrade their managed PE agents after a version upgrade of a deployment's PE server(s). The upgrade capability is limited to PE 3.x deployments; to upgrade PE agents on PE 2015.x and later deployments, please use the puppetlabs-puppet_agent module.
Because pe_repo on PE 3.x doesn't include the Windows agents, they can be supported by hosting the Windows PE agent installers on SMB shares.
##Setup
###What puppet_ent_agent affects
- puppet.conf configuration file.
- PE agent service (PE 3.x: pe-puppet; PE 2015.x and later: puppet) (Note: Service is not managed on Solaris systems running PE 3.x agent to avoid a resource conflict with puppet_agent module.)
- /usr/bin links for facter, hiera, puppet, pe-man binaries (Unix/Linux)
- pe-agent package (and pe-* packages related to PE; PE 3.x only)
###Beginning with puppet_ent_agent
include '::puppet_ent_agent' is enough to get you up and running.
class { '::puppet_ent_agent':
agent_caserver => 'puppetca.company.lan',
ensure => '3.8.3'
windows_source => '\\myfileserver\pe-agent'
}
###Parameters
The following parameters are available in the puppet_ent_agent module:
####config
Path to the puppet.conf file. Defaults:
- Unix/Linux:
/etc/puppetlabs/puppet/puppet.conf - Windows:
${appdata}/PuppetLabs/puppet/etc/puppet.conf
####curl_path
Path to the curl binary (AIX and Solaris only). Defaults to /usr/bin/curl
####ensure
Default setting: 'present'
To disable PE agent upgrades, leave this set to 'present'. On PE 2015.x and later agents, it will be ignored.
To upgrade managed agents to a specific PE 3.x version, specify a PE agent version available on your pe_repo PE masters and/or Windows PE agent source.
If the pe_repo package repository of the specified version is not present on the pe_repo server, the module will fail. This module does not manage pe_repo.
####master
Hostname of a PE master with the required pe_repo classes properly applied to it. Defaults to the PE master that compiled the agent's catalog.
####agent_server & agent_caserver & agent_fileserver & agent_environment & agent_splay
Sets the server, ca_server, archive_file_server, environment, and splay settings in the agent's puppet.conf file.
The server settings default to undef and do not manage the settings unless overridden in node classification. agent_environment defaults to 'production'.
####agent_remove_modulepath
If set to true the module will ensure the deprecated modulepath setting is removed from puppet.conf. Default is 'false'.
####manage_symlinks
If set to 'true' the module will create symlinks to hiera, puppet, facter, etc in /usr/bin. (Unix/Linux only) Default is 'true'.
####staging_dir
The directory that will be used on non-Windows hosts to temporarily hold the PE Agent installation script. This defaults to '/tmp/puppet_ent_agent'.
####timeout
The time to wait for agent upgrade installation process to finish on Unix/Linux nodes
####windows_source
A UNC path to a publicly-readable SMB share that contains the PE Agent for Windows MSI files. Ensure that both 32-bit and 64-bit installers are hosted there; the default file names are assumed:
- 32-bit installer:
puppet-enterprise-<version>.msi - 64-bit installer:
puppet-enterprise-<version>-x64.msi
The author recommends the use of Distributed File Services (DFS) namespaces with multiple folder targets to efficiently provide a single UNC path to the files for multi-site deployments.
####windows_task_min
The number of minutes to delay a scheduled task that will be configured to run an upgrade of the PE agent on a managed Windows system, if required. Defaults to 10 minutes. This is meant to allow an upgrade of the PE agent while it's not applying a catalog.
##Limitations
This module depends completely on the correct pe_repo classes being added to the target Puppet Enterprise master servers. If agent installers aren't present, the install class of this module will fail. Best practice is to add pe_repo classes corresponding to the OS families and architectures of all nodes managed in your infrastructure.
Windows support requires the MSI installers for the PE Agent for Windows to be hosted outside of the PE environment. PowerShell is required for upgrade support.
AIX, Debian/Ubuntu, and Windows OS Families have been tested. RedHat and Solaris testing is in progress, but should work. Windows support was changed to a scheduled task after it was found that managing the PE agent as a Puppet package resource produced unpredictable behavior and is not supported by Puppet Labs.
To upgrade PE agents on PE 2015.x and above deployments, please use the puppetlabs-puppet_agent module. Note that puppet_ent_agent and puppet_agent both manage puppet.conf, so only one of them can be classified at a time. On PE 2015.x deployments I recommend using puppet_ent_agent to proactively manage puppet.conf, and using puppet_agent as a tool to effect mass agent upgrades.
2016-05-12 - Version 2.0.5
Bugfix:
- install/nix.pp: Add 15-minute timeout for agent upgrade installation process. Observed some nodes taking over 5 minutes (default exec timeout) to complete the install.
2016-05-12 - Version 2.0.4
Bugfix:
- install/nix.pp: Use insecure curl on Solaris. This is required for Puppet deployments that are using a self-signed CA. Feedback welcome.
2016-05-11 - Version 2.0.3
Bugfix:
- install/nix.pp: Move Solaris back to using root group (bug introduced in 2.0.2).
2016-05-11 - Version 2.0.2
My customers asked me to move Solaris over to curl from wget in puppet_ent_agent::install::nix. Feedback welcome.
Bugfix:
- install/nix.pp: Curl used by default on Solaris instead of wget.
2016-05-11 - Version 2.0.1
Version 2.0.0 broke on Solaris. Refining the service skip logic that avoids puppet_agent resource conflict on Solaris; only skip service management on Solaris if running PE 3.x agent.
Bugfix:
- params.pp: Add service skip condition for Solaris OS family running PE 3.x agent.
- init.pp: Skip service class if not configuring it.
- config.pp: Skip service notification if not configuring service.
- service.pp: Refactored OSfamily check out to params class.
2016-05-10 - Version 2.0.0
New major version release to support classification alongside puppet_agent module during Puppet 3.x to 4.x upgrades.
Bugfix:
- params.pp: Improve agent version detection.
- service.pp: Removed Solaris from service resource management -- puppet_agent manages the pe-puppet service during upgrades of Solaris.
2016-03-03 - Version 1.4.3
Bugfix:
- config.pp: Prevented config::symlinks from being included on Windows systems
2016-02-22 - Version 1.4.2
Bugfix:
- config.pp: Removed dangling reference to File[$config]
2016-02-19 - Version 1.4.1 (BAD RELEASE)
Bugfix:
- config.pp: Removed owner/group/mode management of puppet.conf due to inconsistencies between PE 2015.x servers and agents
2016-02-01 - Version 1.4.0
New Features:
- Compatible with PE 2015.2.x and PE 2015.3.x deployments (PE 2015.x and later All-in-one agent upgrades not supported)
- All non-base classes now marked private
2015-11-20 - Version 1.3.0
New Feature:
- curl_path parameter for AIX (doesn't support wget with SSL)
Bugfix:
- Moved all wget::fetch calls to use TLSv1 since that's what Puppet Enterprise defaults to
2015-11-11 - Version 1.2.6
Bugfix:
- install/nix.pp: Force RedHat 5.x systems to specify TLSv1 security for wget. We may have other platforms that require this since PE requires TLSv1 security or better.
Thanks to @ajmaidak for this contribution.
2015-11-03 - Version 1.2.5
Bugfix:
- params.pp: corrected PE 3.x service name from "pe_puppet" to "pe-puppet"
2015-11-03 - Version 1.2.4 (broken - do not use)
Bugfix:
- params.pp: rubyversion fact was not the best indicator of Puppet agent type (PE 3.x vs AIO) and hence service name. I believe the "is_pe" fact is; moved over to using that.
2015-10-30 - Version 1.2.3 (broken - do not use)
Bugfix:
- added support in config and service classes for Puppet AIO (all-in-one) agent to accommodate transitions to PE 2015.2.x
2015-10-23 - Version 1.2.2
Bugfix:
- config.pp: uncorrected linting issue to improve code quality score
- install/nix.pp: added redownload parameter in case previous install.bash was still on disk
- params.pp: moved to a puppet_confdir fact for Puppet 3.x/4.x compatibility (thanks to puppetlabs-puppet_agent module for idea)
Thanks to @ajmaidak for the install/nix contribution.
2015-10-21 - Version 1.2.1
Bugfix:
- config.pp: spelling error fixed and corrected linting issue
2015-10-21 - Version 1.2.0
New features:
- agent_splay: (boolean) controls PE agent splay toggle on/off
- agent_remove_modulepath: (boolean) enables removal of deprecated modulepath
- manage_symlinks: (boolean) controls whether /usr/bin symlinks are managed
Bugfix:
- ensure: now by default set to 'present' as previously documented
Updates:
- Added Changelog
- Clarified PE 3.x-only support in Readme
- Additional testing resources added
Thanks to @ajmaidak for contributing to this release!
2015-08-12 - Version 1.1.0
New feature:
- Added management of /usr/bin symlinks for facter, hiera, puppet, and pe-man binaries that appeared to be dropped as of PE 3.8. (Unix/Linux)
Bugfix:
- Corrected owner:group of puppet.conf on AIX back to puppet:puppet.
2015-07-15 - Version 1.0.0
First Production Release
Refactored parameters and methods:
- pe_repo was unreliable as an apt source (at least as managed with puppetlabs/apt) so I decided to use the PE bash-script-based installation for Unix/Linux natively. (Dumped yum support as well.)
- Combined package_ensure and version parameters into a single 'ensure' parameter.
Dependencies
- maestrodev-wget (>= 1.5.0 < 2.0.0)
- puppetlabs-inifile (>= 1.0.0 < 2.0.0)
- puppetlabs-stdlib (>= 3.2.0 < 5.0.0)
Copyright [2014] [Chris Barker]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Copyright [2015] [Alex Harden]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.