[ 'aio_defaults', 'puppet_utils', 'windows_utils' ].each do |lib|
require "beaker-puppet/install_utils/#{lib}"
end
require 'beaker-pe/install/feature_flags'
require "beaker-answers"
require "timeout"
require "json"
require "deep_merge"
module Beaker
module DSL
module InstallUtils
#
# This module contains methods to help installing/upgrading PE builds - including Higgs installs
#
# To mix this is into a class you need the following:
# * a method *hosts* that yields any hosts implementing
# {Beaker::Host}'s interface to act upon.
# * a method *options* that provides an options hash, see {Beaker::Options::OptionsHash}
# * the module {Beaker::DSL::Roles} that provides access to the various hosts implementing
# {Beaker::Host}'s interface to act upon
# * the module {Beaker::DSL::Wrappers} the provides convenience methods for {Beaker::DSL::Command} creation
module PEUtils
include AIODefaults
include PEDefaults
include PuppetUtils
include WindowsUtils
# Version of PE when we switched from legacy installer to MEEP.
MEEP_CUTOVER_VERSION = '2016.2.0'
# Version of PE when we switched to using meep for classification
# instead of PE node groups
MEEP_CLASSIFICATION_VERSION = '2018.2.0'
# PE-18799 temporary default used for meep classification check while
# we navigate the switchover.
# PE-18718 switch flag to true once beaker-pe, beaker-answers,
# beaker-pe-large-environments and pe_acceptance_tests are ready
DEFAULT_MEEP_CLASSIFICATION = false
# Version of PE in which PE is managing the agent service
MANAGE_PUPPET_SERVICE_VERSION = '2018.1.0'
MEEP_DATA_DIR = '/etc/puppetlabs/enterprise'
PE_CONF_FILE = "#{MEEP_DATA_DIR}/conf.d/pe.conf"
NODE_CONF_PATH = "#{MEEP_DATA_DIR}/conf.d/nodes"
BEAKER_MEEP_TMP = "pe_conf"
# @!macro [new] common_opts
# @param [Hash{Symbol=>String}] opts Options to alter execution.
# @option opts [Boolean] :silent (false) Do not produce log output
# @option opts [Array<Fixnum>] :acceptable_exit_codes ([0]) An array
# (or range) of integer exit codes that should be considered
# acceptable. An error will be thrown if the exit code does not
# match one of the values in this list.
# @option opts [Boolean] :accept_all_exit_codes (false) Consider all
# exit codes as passing.
# @option opts [Boolean] :dry_run (false) Do not actually execute any
# commands on the SUT
# @option opts [String] :stdin (nil) Input to be provided during command
# execution on the SUT.
# @option opts [Boolean] :pty (false) Execute this command in a pseudoterminal.
# @option opts [Boolean] :expect_connection_failure (false) Expect this command
# to result in a connection failure, reconnect and continue execution.
# @option opts [Hash{String=>String}] :environment ({}) These will be
# treated as extra environment variables that should be set before
# running the command.
#Sort array of hosts so that it has the correct order for PE installation based upon each host's role
#@param subset [Array<Host>] An array of hosts to sort, defaults to global 'hosts' object
# @example
# h = sorted_hosts
#
# @note Order for installation should be
# First : master
# Second: database host (if not same as master)
# Third: dashboard (if not same as master or database)
# Fourth: everything else
#
# @!visibility private
def sorted_hosts subset = hosts
special_nodes = []
[master, database, dashboard].uniq.each do |host|
special_nodes << host if host != nil && subset.include?(host)
end
real_agents = agents - special_nodes
real_agents = real_agents.delete_if{ |host| !subset.include?(host) }
special_nodes + real_agents
end
# If host or opts has the :use_puppet_ca_cert flag set, then push the master's
# ca cert onto the given host at /etc/puppetlabs/puppet/ssl/certs/ca.pem.
#
# This in turn allows +frictionless_agent_installer_cmd+ to generate
# an install which references the cert to verify the master when downloading
# resources.
def install_ca_cert_on(host, opts)
if host[:use_puppet_ca_cert] || opts[:use_puppet_ca_cert]
@cert_cache_dir ||= Dir.mktmpdir("master_ca_cert")
local_cert_copy = "#{@cert_cache_dir}/ca.pem"
step "Copying master ca.pem to agent for secure frictionless install" do
agent_ca_pem_dir = "#{host['puppetpath']}/ssl/certs"
master_ca_pem_path = "/etc/puppetlabs/puppet/ssl/certs/ca.pem"
scp_from(master, master_ca_pem_path , @cert_cache_dir) unless File.exist?(local_cert_copy)
on(host, "mkdir -p #{agent_ca_pem_dir}")
scp_to(host, local_cert_copy, agent_ca_pem_dir)
end
end
end
# Return agent nodes with 'lb_connect' role that are not loadbalancers
def loadbalancer_connecting_agents
lb_connect_nodes = select_hosts(roles: ['lb_connect'])
lb_connect_agents = lb_connect_nodes.reject { |h| h['roles'].include?('loadbalancer')}
end
# Returns true if loadbalncer exists and is configured with 'lb_connect' role
def lb_connect_loadbalancer_exists?
if any_hosts_as?('loadbalancer')
lb_node = select_hosts(roles: ['loadbalancer'])
lb_node.first['roles'].include?('lb_connect')
end
end
#Returns loadbalancer if host is an agent and loadbalancer has lb_connect role
#@param [Host] agent host with lb_connect role
def get_lb_downloadhost(host)
downloadhost = master
if !host['roles'].include?('loadbalancer') && lb_connect_loadbalancer_exists?
downloadhost = loadbalancer
end
downloadhost
end
#Remove client_datadir on the host
#@param [Host] the host
def remove_client_datadir(host)
client_datadir = host.puppet['client_datadir']
on(host, "rm -rf #{client_datadir}")
end
#Return true if tlsv1 protocol needs to be enforced
#param [Host] the host
def require_tlsv1?(host)
tlsv1_platforms = [/aix/, /el-5/, /solaris-1[0,1]-[i,x]/, /sles-11/,/windows-2008/]
return tlsv1_platforms.any? {|platform_regex| host['platform'] =~ platform_regex}
end
# Generate the command line string needed to from a frictionless puppet-agent
# install on this host in a PE environment.
#
# @param [Host] host The host to install puppet-agent onto
# @param [Hash] opts The full beaker options
# @option opts [Boolean] :use_puppet_ca_cert (false) if true the
# command will reference the local puppet ca cert to verify the master
# when obtaining the installation script
# @param [String] pe_version The PE version string for capabilities testing
# @return [String] of the commands to be executed for the install
def frictionless_agent_installer_cmd(host, opts, pe_version)
# PE 3.4 introduced the ability to pass in config options to the bash
# script in the form of <section>:<key>=<value>
frictionless_install_opts = []
if host.has_key?('frictionless_options') and ! version_is_less(pe_version, '3.4.0')
# since we have options to pass in, we need to tell the bash script
host['frictionless_options'].each do |section, settings|
settings.each do |key, value|
frictionless_install_opts << "#{section}:#{key}=#{value}"
end
end
end
# PE 2018.1.0 introduced a pe_repo flag that will determine what happens during the frictionless install
# Current support in beaker-pe is for:
# --puppet-service-debug, when running puppet service enable, the debug flag is passed into puppt service
if (host[:puppet_service_debug_flag] == true and ! version_is_less(pe_version, '2018.1.0'))
frictionless_install_opts << '--puppet-service-debug'
end
# If this is an agent node configured to connect to the loadbalancer
# using 'lb_connect' role, then use loadbalancer in the download url
# instead of master
downloadhost = master
if host['roles'].include?('lb_connect')
downloadhost = get_lb_downloadhost(host)
end
pe_debug = host[:pe_debug] || opts[:pe_debug] ? ' -x' : ''
use_puppet_ca_cert = host[:use_puppet_ca_cert] || opts[:use_puppet_ca_cert]
if host['platform'] =~ /windows/ then
if use_puppet_ca_cert
frictionless_install_opts << '-UsePuppetCA'
cert_validator = %Q{\\$callback = {param(\\$sender,[System.Security.Cryptography.X509Certificates.X509Certificate]\\$certificate,[System.Security.Cryptography.X509Certificates.X509Chain]\\$chain,[System.Net.Security.SslPolicyErrors]\\$sslPolicyErrors);\\$CertificateType=[System.Security.Cryptography.X509Certificates.X509Certificate2];\\$CACert=\\$CertificateType::CreateFromCertFile('#{host['puppetpath']}/ssl/certs/ca.pem') -as \\$CertificateType;\\$chain.ChainPolicy.ExtraStore.Add(\\$CACert);return \\$chain.Build(\\$certificate)};[Net.ServicePointManager]::ServerCertificateValidationCallback = \\$callback}
else
cert_validator = '[Net.ServicePointManager]::ServerCertificateValidationCallback = {\\$true}'
end
if version_is_less(pe_version, '2019.1.0') || require_tlsv1?(host) then
protocol_to_use =''
else
protocol_to_use = '[System.Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12'
end
cmd = %Q{powershell -c "cd #{host['working_dir']};#{protocol_to_use};#{cert_validator};\\$webClient = New-Object System.Net.WebClient;\\$webClient.DownloadFile('https://#{downloadhost}:8140/packages/current/install.ps1', '#{host['working_dir']}/install.ps1');#{host['working_dir']}/install.ps1 -verbose #{frictionless_install_opts.join(' ')}"}
else
curl_opts = %w{-O}
if version_is_less(pe_version, '2019.1.0') || require_tlsv1?(host)
curl_opts << '--tlsv1'
end
if use_puppet_ca_cert
curl_opts << '--cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem'
elsif host['platform'] !~ /aix/
curl_opts << '-k'
end
cmd = "FRICTIONLESS_TRACE='true'; export FRICTIONLESS_TRACE; cd #{host['working_dir']} && curl #{curl_opts.join(' ')} https://#{downloadhost}:8140/packages/current/install.bash && bash#{pe_debug} install.bash #{frictionless_install_opts.join(' ')}".strip
end
return cmd
end
#Create the PE install command string based upon the host and options settings
# @param [Host] host The host that PE is to be installed on
# For UNIX machines using the full PE installer, the host object must have the 'pe_installer' field set correctly.
# @param [Hash{Symbol=>String}] opts The options
# @option opts [String] :pe_ver Default PE version to install or upgrade to
# (Otherwise uses individual hosts pe_ver)
# @option opts [Boolean] :pe_debug (false) Should we run the installer in debug mode?
# @option opts [Boolean] :interactive (false) Should we run the installer in interactive mode?
# @example
# on host, "#{installer_cmd(host, opts)} -a #{host['working_dir']}/answers"
# @api private
def installer_cmd(host, opts)
version = host['pe_ver'] || opts[:pe_ver]
# Frictionless install didn't exist pre-3.2.0, so in that case we fall
# through and do a regular install.
if host['roles'].include? 'frictionless' and ! version_is_less(version, '3.2.0')
frictionless_agent_installer_cmd(host, opts, version)
elsif host['platform'] =~ /osx/
version = host['pe_ver'] || opts[:pe_ver]
pe_debug = host[:pe_debug] || opts[:pe_debug] ? ' -verboseR' : ''
"cd #{host['working_dir']} && hdiutil attach #{host['dist']}.dmg && installer#{pe_debug} -pkg /Volumes/puppet-enterprise-#{version}/puppet-enterprise-installer-#{version}.pkg -target /"
elsif host['platform'] =~ /eos/
host.install_from_file("puppet-enterprise-#{version}-#{host['platform']}.swix")
else
pe_debug = host[:pe_debug] || opts[:pe_debug] ? ' -D' : ''
pe_cmd = "cd #{host['working_dir']}/#{host['dist']} && ./#{host['pe_installer']}#{pe_debug}"
if ! version_is_less(host['pe_ver'], '2016.2.1') && ! opts[:interactive]
# -y option sets "assume yes" mode where yes or whatever default will be assumed
pe_cmd += " -y"
end
# If we are doing an upgrade from 2016.2.0,
# we can assume there will be a valid pe.conf in /etc that we can re-use.
# We also expect that any custom_answers specified to beaker have been
# added to the pe.conf in /etc.
if opts[:type] == :upgrade && use_meep?(host[:previous_pe_ver])
"#{pe_cmd}"
else
"#{pe_cmd} #{host['pe_installer_conf_setting']}"
end
end
end
#This calls the installer command on the host in question
def execute_installer_cmd(host, opts)
on host, installer_cmd(host, opts)
end
#Determine the PE package to download/upload on a mac host, download/upload that package onto the host.
# Assumed file name format: puppet-enterprise-3.3.0-rc1-559-g97f0833-osx-10.9-x86_64.dmg.
# @param [Host] host The mac host to download/upload and unpack PE onto
# @param [Hash{Symbol=>Symbol, String}] opts The options
# @option opts [String] :pe_dir Default directory or URL to pull PE package from
# (Otherwise uses individual hosts pe_dir)
# @option opts [Boolean] :fetch_local_then_push_to_host determines whether
# you use Beaker as the middleman for this (true), or curl the
# file from the host (false; default behavior)
# @api private
def fetch_pe_on_mac(host, opts)
path = host['pe_dir'] || opts[:pe_dir]
local = File.directory?(path)
filename = "#{host['dist']}"
extension = ".dmg"
if local
if not File.exists?("#{path}/#{filename}#{extension}")
raise "attempting installation on #{host}, #{path}/#{filename}#{extension} does not exist"
end
scp_to host, "#{path}/#{filename}#{extension}", "#{host['working_dir']}/#{filename}#{extension}"
else
if not link_exists?("#{path}/#{filename}#{extension}")
raise "attempting installation on #{host}, #{path}/#{filename}#{extension} does not exist"
end
if opts[:fetch_local_then_push_to_host]
fetch_and_push_pe(host, path, filename, extension)
else
on host, "cd #{host['working_dir']}; curl -O #{path}/#{filename}#{extension}"
end
end
end
#Determine the PE package to download/upload on a windows host, download/upload that package onto the host.
#Assumed file name format: puppet-enterprise-3.3.0-rc1-559-g97f0833.msi
# @param [Host] host The windows host to download/upload and unpack PE onto
# @param [Hash{Symbol=>Symbol, String}] opts The options
# @option opts [String] :pe_dir Default directory or URL to pull PE package from
# (Otherwise uses individual hosts pe_dir)
# @option opts [String] :pe_ver_win Default PE version to install or upgrade to
# (Otherwise uses individual hosts pe_ver)
# @option opts [Boolean] :fetch_local_then_push_to_host determines whether
# you use Beaker as the middleman for this (true), or curl the
# file from the host (false; default behavior)
# @api private
def fetch_pe_on_windows(host, opts)
path = host['pe_dir'] || opts[:pe_dir]
local = File.directory?(path)
filename = "#{host['dist']}"
extension = ".msi"
if local
if not File.exists?("#{path}/#{filename}#{extension}")
raise "attempting installation on #{host}, #{path}/#{filename}#{extension} does not exist"
end
scp_to host, "#{path}/#{filename}#{extension}", "#{host['working_dir']}/#{filename}#{extension}"
else
if not link_exists?("#{path}/#{filename}#{extension}")
raise "attempting installation on #{host}, #{path}/#{filename}#{extension} does not exist"
end
if opts[:fetch_local_then_push_to_host]
fetch_and_push_pe(host, path, filename, extension)
on host, "cd #{host['working_dir']}; chmod 644 #{filename}#{extension}"
elsif host.is_cygwin?
on host, "cd #{host['working_dir']}; curl -O #{path}/#{filename}#{extension}"
else
on host, powershell("$webclient = New-Object System.Net.WebClient; $webclient.DownloadFile('#{path}/#{filename}#{extension}','#{host['working_dir']}\\#{filename}#{extension}')")
end
end
end
#Determine the PE package to download/upload on a unix style host, download/upload that package onto the host
#and unpack it.
# @param [Host] host The unix style host to download/upload and unpack PE onto
# @param [Hash{Symbol=>Symbol, String}] opts The options
# @option opts [String] :pe_dir Default directory or URL to pull PE package from
# (Otherwise uses individual hosts pe_dir)
# @option opts [Boolean] :fetch_local_then_push_to_host determines whether
# you use Beaker as the middleman for this (true), or curl the
# file from the host (false; default behavior)
# @api private
def fetch_pe_on_unix(host, opts)
path = host['pe_dir'] || opts[:pe_dir]
local = File.directory?(path)
filename = "#{host['dist']}"
if local
extension = File.exists?("#{path}/#{filename}.tar.gz") ? ".tar.gz" : ".tar"
if not File.exists?("#{path}/#{filename}#{extension}")
raise "attempting installation on #{host}, #{path}/#{filename}#{extension} does not exist"
end
scp_to host, "#{path}/#{filename}#{extension}", "#{host['working_dir']}/#{filename}#{extension}"
if extension =~ /gz/
on host, "cd #{host['working_dir']}; gunzip #{filename}#{extension}"
end
if extension =~ /tar/
on host, "cd #{host['working_dir']}; tar -xvf #{filename}.tar"
end
else
if host['platform'] =~ /eos/
extension = '.swix'
else
extension = link_exists?("#{path}/#{filename}.tar.gz") ? ".tar.gz" : ".tar"
end
if not link_exists?("#{path}/#{filename}#{extension}")
raise "attempting installation on #{host}, #{path}/#{filename}#{extension} does not exist"
end
if host['platform'] =~ /eos/
host.get_remote_file("#{path}/#{filename}#{extension}")
else
unpack = 'tar -xvf -'
unpack = extension =~ /gz/ ? 'gunzip | ' + unpack : unpack
if opts[:fetch_local_then_push_to_host]
fetch_and_push_pe(host, path, filename, extension)
command_file_push = 'cat '
else
command_file_push = "curl #{path}/"
end
on host, "cd #{host['working_dir']}; #{command_file_push}#{filename}#{extension} | #{unpack}"
end
end
end
#Determine the PE package to download/upload per-host, download/upload that package onto the host
#and unpack it.
# @param [Array<Host>] hosts The hosts to download/upload and unpack PE onto
# @param [Hash{Symbol=>Symbol, String}] opts The options
# @option opts [String] :pe_dir Default directory or URL to pull PE package from
# (Otherwise uses individual hosts pe_dir)
# @option opts [String] :pe_ver Default PE version to install or upgrade to
# (Otherwise uses individual hosts pe_ver)
# @option opts [String] :pe_ver_win Default PE version to install or upgrade to on Windows hosts
# (Otherwise uses individual Windows hosts pe_ver)
# @option opts [Boolean] :fetch_local_then_push_to_host determines whether
# you use Beaker as the middleman for this (true), or curl the
# file from the host (false; default behavior)
# @api private
def fetch_pe(hosts, opts)
hosts.each do |host|
# We install Puppet from the master for frictionless installs, so we don't need to *fetch* anything
next if host['roles'].include?('frictionless') && (! version_is_less(opts[:pe_ver] || host['pe_ver'], '3.2.0'))
if host['platform'] =~ /windows/
fetch_pe_on_windows(host, opts)
elsif host['platform'] =~ /osx/
fetch_pe_on_mac(host, opts)
else
fetch_pe_on_unix(host, opts)
end
end
end
#Classify the master so that it can deploy frictionless packages for a given host.
#This function does nothing when using meep for classification.
# @param [Host] host The host to install pacakges for
# @api private
def deploy_frictionless_to_master(host)
return if use_meep_for_classification?(master[:pe_ver], options)
# For some platforms (e.g, redhatfips), packaging_platfrom is set and should
# be used as the primary source of truth for the platform string.
platform = host['packaging_platform'] || host['platform']
# We don't have a separate AIX 7.2 build, so it is
# classified as 7.1 for pe_repo purposes
if platform == "aix-7.2-power"
platform = "aix-7.1-power"
end
klass = platform.gsub(/-/, '_').gsub(/\./,'')
if host['platform'] =~ /windows/
if host['template'] =~ /i386/
klass = "pe_repo::platform::windows_i386"
else
klass = "pe_repo::platform::windows_x86_64"
end
else
klass = "pe_repo::platform::#{klass}"
end
if version_is_less(host['pe_ver'], '3.8')
# use the old rake tasks
on dashboard, "cd /opt/puppet/share/puppet-dashboard && /opt/puppet/bin/bundle exec /opt/puppet/bin/rake nodeclass:add[#{klass},skip]"
on dashboard, "cd /opt/puppet/share/puppet-dashboard && /opt/puppet/bin/bundle exec /opt/puppet/bin/rake node:add[#{master},,,skip]"
on dashboard, "cd /opt/puppet/share/puppet-dashboard && /opt/puppet/bin/bundle exec /opt/puppet/bin/rake node:addclass[#{master},#{klass}]"
on master, puppet("agent -t"), :acceptable_exit_codes => [0,2]
else
_console_dispatcher = get_console_dispatcher_for_beaker_pe!
# Add pe_repo packages to 'PE Master' group
node_group = _console_dispatcher.get_node_group_by_name('PE Master')
# add the pe_repo platform class if it's not already present
if node_group
if !node_group['classes'].include?(klass)
node_group['classes'][klass] = {}
_console_dispatcher.create_new_node_group_model(node_group)
# The puppet agent run that will download the agent tarballs to the master can sometimes fail with
# curl errors if there is a network hiccup. Use beakers `retry_on` method to retry up to
# three times to avoid failing the entire test pipeline due to a network blip
retry_opts = {
:desired_exit_codes => [0,2],
:max_retries => 3,
# Beakers retry_on method wants the verbose value to be a string, not a bool.
:verbose => 'true'
}
retry_on(master, puppet("agent -t"), retry_opts)
# If we are connecting through loadbalancer, download the agent tarballs to compile masters
if lb_connect_loadbalancer_exists?
hosts.each do |h|
if h['roles'].include?('compile_master') || h['roles'].include?('pe_compiler')
retry_on(h, puppet("agent -t"), retry_opts)
end
end
end
end
else
raise "Failed to add pe_repo packages, PE Master node group is not available"
end
end
end
# Check for availability of required network resources
# @param [Array<Host>] hosts
# @param [Array<String>] network_resources
#
# @example
# verify_network_resources(hosts, network_resources)
#
# @return nil
#
# @api private
def verify_network_resources(hosts, network_resources)
logger.notify("Checking the availability of network resources.")
hosts.each do |host|
# if options[:net_diag_hosts] isn't set, skip this check
if network_resources != nil
network_resources.each do |resource|
# curl the network resource silently (-s), only connect (-I), and don't print the output
on host, "curl -I -s #{resource} > /dev/null", :accept_all_exit_codes => true
if host.connection.logger.last_result.exit_code != 0
logger.warn("Connection error: #{host.host_hash[:vmhostname]} was unable to connect to #{resource}. Please ensure that your test does not require this resource.")
end
end
end
hosts.each do |target_host|
ping_opts = host['platform'] =~ /windows/ ? "-n 1" : "-c1"
on host, "ping #{ping_opts} #{target_host.host_hash[:vmhostname]} > /dev/null", :accept_all_exit_codes => true
if host.connection.logger.last_result.exit_code != 0
logger.warn("Connection error: #{host.host_hash[:vmhostname]} was unable to connect to #{target_host.host_hash[:vmhostname]} in your testing infrastructure.")
end
end
end
end
# Check system resources, so that we might be able to find correlations
# between absurd load levels and transients.
# @param [Array<Host>] hosts
#
# @example
# verify_vm_resources(hosts)
#
# @return nil
#
# @api private
def verify_vm_resources(hosts)
logger.notify("Checking the status of system (CPU/Mem) resources on PE Infrastructure nodes.")
pe_infrastructure = select_hosts({:roles => ['master', 'compile_master', 'pe_compiler', 'dashboard', 'database']}, hosts)
pe_infrastructure.each do |host|
on host, "top -bn1", :accept_all_exit_codes => true
on host, "vmstat 1 1", :accept_all_exit_codes => true
end
end
#Perform a Puppet Enterprise upgrade or install
# @param [Array<Host>] hosts The hosts to install or upgrade PE on
# @param [Hash{Symbol=>Symbol, String}] opts The options
# @option opts [String] :pe_dir Default directory or URL to pull PE package from
# (Otherwise uses individual hosts pe_dir)
# @option opts [String] :pe_ver Default PE version to install or upgrade to
# (Otherwise uses individual hosts pe_ver)
# @option opts [String] :pe_ver_win Default PE version to install or upgrade to on Windows hosts
# (Otherwise uses individual Windows hosts pe_ver)
# @option opts [Symbol] :type (:install) One of :upgrade or :install
# @option opts [Boolean] :set_console_password Should we set the PE console password in the answers file? Used during upgrade only.
# @option opts [Hash<String>] :answers Pre-set answers based upon ENV vars and defaults
# (See {Beaker::Options::Presets.env_vars})
# @option opts [Boolean] :fetch_local_then_push_to_host determines whether
# you use Beaker as the middleman for this (true), or curl the
# file from the host (false; default behavior)
# @option opts [Boolean] :masterless Are we performing a masterless installation?
#
# @example
# do_install(hosts, {:type => :upgrade, :pe_dir => path, :pe_ver => version, :pe_ver_win => version_win})
#
# @note on windows, the +:ruby_arch+ host parameter can determine in addition
# to other settings whether the 32 or 64bit install is used
#
# @note for puppet-agent install options, refer to
# {Beaker::DSL::InstallUtils::FOSSUtils#install_puppet_agent_pe_promoted_repo_on}
#
# @api private
#
def do_install hosts, opts = {}
# detect the kind of install we're doing
install_type = determine_install_type(hosts, opts)
verify_network_resources(hosts, options[:net_diag_hosts])
verify_vm_resources(hosts)
if opts[:use_proxy]
config_master_for_proxy_access
end
case install_type
when :pe_managed_postgres
do_install_pe_with_pe_managed_external_postgres(hosts,opts)
when :simple_monolithic
simple_monolithic_install(hosts.first, hosts.drop(1), opts)
when :simple_split
# This isn't implemented yet, so just do a generic install instead
#simple_split_install(hosts, opts)
generic_install(hosts, opts)
else
generic_install(hosts, opts)
end
end
def has_all_roles?(host, roles)
roles.all? {|role| host['roles'].include?(role)}
end
# Determine what kind of install is being performed
# @param [Array<Host>] hosts The sorted hosts to install or upgrade PE on
# @param [Hash{Symbol=>Symbol, String}] opts The options for how to install or upgrade PE
#
# @example
# determine_install_type(hosts, {:type => :install, :pe_ver => '2017.2.0'})
#
# @return [Symbol]
# One of :generic, :simple_monolithic, :simple_split, :pe_managed_postgres
# :simple_monolithic
# returned when installing >=2016.4 with a monolithic master and
# any number of frictionless agents
# :simple_split
# returned when installing >=2016.4 with a split install and any
# number of frictionless agents
# :pe_managed_postgres
# returned when installing PE with postgres being managed on a node
# that is different then the database node
# :generic
# returned for any other install or upgrade
#
# @api private
def determine_install_type(hosts, opts)
# Do a generic install if this is masterless, not all the same PE version, an upgrade, or earlier than 2016.4
return :generic if opts[:masterless]
return :generic if hosts.map {|host| host['pe_ver']}.uniq.length > 1
return :generic if (opts[:type] == :upgrade) && (hosts.none? {|host| host['roles'].include?('pe_postgres')})
return :generic if version_is_less(opts[:pe_ver] || hosts.first['pe_ver'], '2016.4')
#PE-20610 Do a generic install for old versions on windows that needs msi install because of PE-18351
return :generic if hosts.any? {|host| host['platform'] =~ /windows/ && install_via_msi?(host)}
mono_roles = ['master', 'database', 'dashboard']
if has_all_roles?(hosts.first, mono_roles) && hosts.drop(1).all? {|host| host['roles'].include?('frictionless')}
:simple_monolithic
elsif hosts[0]['roles'].include?('master') && hosts[1]['roles'].include?('database') && hosts[2]['roles'].include?('dashboard') && hosts.drop(3).all? {|host| host['roles'].include?('frictionless')}
:simple_split
elsif hosts.any? {|host| host['roles'].include?('pe_postgres')}
:pe_managed_postgres
else
:generic
end
end
# Install PE on a monolithic master and some number of frictionless agents.
# @param [Host] master The node to install the master on
# @param [Array<Host>] agents The nodes to install agents on
# @param [Hash{Symbol=>Symbol, String}] opts The options for how to install or upgrade PE
#
# @example
# simple_monolithic_install(master, agents, {:type => :install, :pe_ver => '2017.2.0'})
#
# @return nil
#
# @api private
def simple_monolithic_install(master, agents, opts={})
step "Performing a standard monolithic install with frictionless agents"
all_hosts = [master, *agents]
configure_type_defaults_on([master])
# Set PE distribution on the agents, creates working directories
prepare_hosts(all_hosts, opts)
fetch_pe([master], opts)
prepare_host_installer_options(master)
register_feature_flags!(opts)
generate_installer_conf_file_for(master, all_hosts, opts)
step "Install PE on master" do
on master, installer_cmd(master, opts)
end
step "Stop agent on master" do
stop_agent_on(master)
end
if manage_puppet_service?(master[:pe_ver], options)
configure_puppet_agent_service(:ensure => 'stopped', :enabled => false)
end
step "Run puppet to setup mcollective and pxp-agent" do
on(master, puppet_agent('-t'), :acceptable_exit_codes => [0,2])
end
install_agents_only_on(agents, opts)
step "Run puppet a second time on the primary to populate services.conf (PE-19054)" do
on(master, puppet_agent('-t'), :acceptable_exit_codes => [0,2])
end
end
# Configure the master to use a proxy and drop unproxied connections
def config_master_for_proxy_access
step "configuring master to use proxy" do
@osmirror_host = "osmirror.delivery.puppetlabs.net"
@osmirror_host_ip = IPSocket.getaddress(@osmirror_host)
@delivery_host = "enterprise.delivery.puppetlabs.net"
@delivery_host_ip = IPSocket.getaddress(@delivery_host)
@proxy_ip = @options[:proxy_ip]
@proxy_hostname = @options[:proxy_hostname]
@master_ip = on master, "hostname -I | tr '\n' ' '"
on master, "echo \"#{@proxy_ip} #{@proxy_hostname}\" >> /etc/hosts"
on master, "echo \"#{@master_ip.stdout} #{master.connection.vmhostname}\" >> /etc/hosts"
on master, "echo \"#{@osmirror_host_ip} #{@osmirror_host}\" >> /etc/hosts"
on master, "echo \"#{@delivery_host_ip} #{@delivery_host}\" >> /etc/hosts"
on master, "iptables -A OUTPUT -p tcp -d #{master.connection.vmhostname} -j ACCEPT"
# the next two lines clear the internal puppet lan
on master, "iptables -A OUTPUT -p tcp -d 10.16.0.0/16 -j ACCEPT"
on master, "iptables -A OUTPUT -p tcp -d 10.32.0.0/16 -j ACCEPT"
on master, "iptables -A OUTPUT -p tcp --dport 3128 -d #{@proxy_hostname} -j ACCEPT"
on master, "iptables -A OUTPUT -p tcp -d #{@osmirror_host_ip} -j DROP"
on master, "iptables -A OUTPUT -p tcp -d #{@delivery_host_ip} -j DROP"
on master, "iptables -P OUTPUT DROP"
on master, "curl --proxy #{@proxy_hostname}:3128 http://#{@osmirror_host}", :acceptable_exit_codes => [0]
on master, "curl -k https://#{@osmirror_host}", :acceptable_exit_codes => [1,7]
if master.host_hash[:platform].include?("ubuntu")
on master, "echo 'Acquire::http::Proxy \"http://'#{@proxy_hostname}':3128/\";' >> /etc/apt/apt.conf"
on master, "echo 'Acquire::https::Proxy \"http://'#{@proxy_hostname}':3128/\";' >> /etc/apt/apt.conf"
else
on master, "echo \"proxy=http://#{@proxy_hostname}:3128\" >> /etc/yum.conf"
end
end
end
def generic_install hosts, opts = {}
step "Installing PE on a generic set of hosts"
masterless = opts[:masterless]
opts[:type] = opts[:type] || :install
unless masterless
pre30database = version_is_less(opts[:pe_ver] || database['pe_ver'], '3.0')
pre30master = version_is_less(opts[:pe_ver] || master['pe_ver'], '3.0')
end
pe_versions = ( [] << opts['pe_ver'] << hosts.map{ |host| host['pe_ver'] } ).flatten.compact
agent_only_check_needed = version_is_less('3.99', max_version(pe_versions, '3.8'))
if agent_only_check_needed
hosts_agent_only, hosts_not_agent_only = create_agent_specified_arrays(hosts)
else
hosts_agent_only, hosts_not_agent_only = [], hosts.dup
end
# On January 5th, 2017, the extended GPG key has expired. Rather then
# every few months updating this gem to point to a new key for PE versions
# less then PE 2016.4.0 we are going to just ignore the warning when installing
ignore_gpg_key_warning_on_hosts(hosts, opts)
# Set PE distribution for all the hosts, create working dir
prepare_hosts(hosts_not_agent_only, opts)
fetch_pe(hosts_not_agent_only, opts)
install_hosts = hosts.dup
unless masterless
# If we're installing a database version less than 3.0, ignore the database host
install_hosts.delete(database) if pre30database and database != master and database != dashboard
end
install_hosts.each do |host|
if agent_only_check_needed && hosts_agent_only.include?(host) || install_via_msi?(host)
host['type'] = 'aio'
install_params = {
:puppet_agent_version => get_puppet_agent_version(host, opts),
:puppet_agent_sha => host[:puppet_agent_sha] || opts[:puppet_agent_sha],
:pe_ver => host[:pe_ver] || opts[:pe_ver],
:puppet_collection => host[:puppet_collection] || opts[:puppet_collection],
:pe_promoted_builds_url => host[:pe_promoted_builds_url] || opts[:pe_promoted_builds_url]
}
install_params.delete(:pe_promoted_builds_url) if install_params[:pe_promoted_builds_url].nil?
install_puppet_agent_pe_promoted_repo_on(host, install_params)
# 1 since no certificate found and waitforcert disabled
acceptable_exit_codes = [0, 1]
acceptable_exit_codes << 2 if opts[:type] == :upgrade
if masterless
configure_type_defaults_on(host)
on host, puppet_agent('-t'), :acceptable_exit_codes => acceptable_exit_codes
else
setup_defaults_and_config_helper_on(host, master, acceptable_exit_codes)
end
#Windows allows frictionless installs starting with PE Davis, if frictionless we need to skip this step
elsif (host['platform'] =~ /windows/ && !(host['roles'].include?('frictionless')) || install_via_msi?(host))
opts = { :debug => host[:pe_debug] || opts[:pe_debug] }
msi_path = "#{host['working_dir']}\\#{host['dist']}.msi"
install_msi_on(host, msi_path, {}, opts)
# 1 since no certificate found and waitforcert disabled
acceptable_exit_codes = 1
if masterless
configure_type_defaults_on(host)
on host, puppet_agent('-t'), :acceptable_exit_codes => acceptable_exit_codes
else
setup_defaults_and_config_helper_on(host, master, acceptable_exit_codes)
end
else
# We only need answers if we're using the classic installer
version = host['pe_ver'] || opts[:pe_ver]
if host['roles'].include?('frictionless') && (! version_is_less(version, '3.2.0'))
# If We're *not* running the classic installer, we want
# to make sure the master has packages for us.
if host['packaging_platform'] != master['packaging_platform'] # only need to do this if platform differs
deploy_frictionless_to_master(host)
end
install_ca_cert_on(host, opts)
on host, installer_cmd(host, opts)
configure_type_defaults_on(host)
elsif host['platform'] =~ /osx|eos/
# If we're not frictionless, we need to run the OSX special-case
on host, installer_cmd(host, opts)
acceptable_codes = host['platform'] =~ /osx/ ? [1] : [0, 1]
setup_defaults_and_config_helper_on(host, master, acceptable_codes)
else
prepare_host_installer_options(host)
register_feature_flags!(opts)
setup_pe_conf(host, hosts, opts)
on host, installer_cmd(host, opts)
configure_type_defaults_on(host)
download_pe_conf_if_master(host)
end
end
# On each agent, we ensure the certificate is signed
if !masterless
if [master, database, dashboard].include?(host) && use_meep?(host['pe_ver'])
# This step is not necessary for the core pe nodes when using meep
else
step "Sign certificate for #{host}" do
sign_certificate_for(host)
end
end
end
# then shut down the agent
step "Shutting down agent for #{host}" do
stop_agent_on(host)
end
end
unless masterless
# Wait for PuppetDB to be totally up and running (post 3.0 version of pe only)
sleep_until_puppetdb_started(database) unless pre30database
step "First puppet agent run" do
# Run the agent once to ensure everything is in the dashboard
install_hosts.each do |host|
on host, puppet_agent('-t'), :acceptable_exit_codes => [0,2]
# Workaround for PE-1105 when deploying 3.0.0
# The installer did not respect our database host answers in 3.0.0,
# and would cause puppetdb to be bounced by the agent run. By sleeping
# again here, we ensure that if that bounce happens during an upgrade
# test we won't fail early in the install process.
if host == database && ! pre30database
sleep_until_puppetdb_started(database)
check_puppetdb_status_endpoint(database)
end
if host == dashboard
check_console_status_endpoint(host)
end
#Workaround for windows frictionless install, see BKR-943 for the reason
if (host['platform'] =~ /windows/) and (host['roles'].include? 'frictionless')
remove_client_datadir(host)
end
end
end
# only appropriate for pre-3.9 builds
if version_is_less(master[:pe_ver], '3.99')
if pre30master
task = 'nodegroup:add_all_nodes group=default'
else
task = 'defaultgroup:ensure_default_group'
end
on dashboard, "/opt/puppet/bin/rake -sf /opt/puppet/share/puppet-dashboard/Rakefile #{task} RAILS_ENV=production"
end
if manage_puppet_service?(master[:pe_ver], options)
configure_puppet_agent_service(:ensure => 'stopped', :enabled => false)
end
step "Final puppet agent run" do
# Now that all hosts are in the dashbaord, run puppet one more
# time to configure mcollective
install_hosts.each do |host|
on host, puppet_agent('-t'), :acceptable_exit_codes => [0,2]
# To work around PE-14318 if we just ran puppet agent on the
# database node we will need to wait until puppetdb is up and
# running before continuing
if host == database && ! pre30database
sleep_until_puppetdb_started(database)
check_puppetdb_status_endpoint(database)
end
if host == dashboard
check_console_status_endpoint(host)
end
end
end
end
end
# Prepares hosts for rest of {#do_install} operations.
# This includes doing these tasks:
# - setting 'pe_installer' property on hosts
# - setting 'dist' property on hosts
# - creating and setting 'working_dir' property on hosts
#
# @note that these steps aren't necessary for all hosts. Specifically,
# 'agent_only' hosts do not require these steps to be executed.
#
# @param [Array<Host>] hosts Hosts to prepare
# @param [Hash{Symbol=>String}] local_options Local options, used to
# pass misc configuration required for the prep steps
#
# @return nil
def prepare_hosts(hosts, local_options={})
use_all_tar = ENV['PE_USE_ALL_TAR'] == 'true'
hosts.each do |host|
host['pe_installer'] ||= 'puppet-enterprise-installer'
if host['platform'] !~ /windows|osx/
platform = use_all_tar ? 'all' : host['platform']
version = host['pe_ver'] || local_options[:pe_ver]
host['dist'] = "puppet-enterprise-#{version}-#{platform}"
elsif host['platform'] =~ /osx/
version = host['pe_ver'] || local_options[:pe_ver]
host['dist'] = "puppet-enterprise-#{version}-#{host['platform']}"
elsif host['platform'] =~ /windows/
version = host[:pe_ver] || local_options['pe_ver_win']
is_config_32 = true == (host['ruby_arch'] == 'x86') || host['install_32'] || local_options['install_32']
should_install_64bit = !(version_is_less(version, '3.4')) && host.is_x86_64? && !is_config_32
#only install 64bit builds if
# - we are on pe version 3.4+
# - we do not have install_32 set on host
# - we do not have install_32 set globally
if !(version_is_less(version, '3.99'))
if should_install_64bit
host['dist'] = "puppet-agent-#{version}-x64"
else
host['dist'] = "puppet-agent-#{version}-x86"
end
elsif should_install_64bit
host['dist'] = "puppet-enterprise-#{version}-x64"
else
host['dist'] = "puppet-enterprise-#{version}"
end
end
host['dist'] = "puppet-enterprise-#{version}-#{host['packaging_platform']}" if host['packaging_platform'] =~ /redhatfips/
host['working_dir'] = host.tmpdir(Time.new.strftime("%Y-%m-%d_%H.%M.%S"))
end
end
# Gets the puppet-agent version, hopefully from the host or local options.
# Will fall back to reading the `aio_agent_version` property on the master
# if neither of those two options are passed
#
# @note This method does have a side-effect: if it reads the
# `aio_agent_version` property from master, it will store it in the local
# options hash so that it won't have to do this more than once.
#
# @param [Beaker::Host] host Host to get puppet-agent for
# @param [Hash{Symbol=>String}] local_options local method options hash
#
# @return [String] puppet-agent version to install
def get_puppet_agent_version(host, local_options={})
puppet_agent_version = host[:puppet_agent_version] || local_options[:puppet_agent_version]
return puppet_agent_version if puppet_agent_version
log_prefix = "No :puppet_agent_version in host #{host} or local options."
fail_message = "#{log_prefix} Could not read facts from master to determine puppet_agent_version"
# we can query the master because do_install is called passing
# the {#sorted_hosts}, so we know the master will be installed
# before the agents
facts_result = on(master, 'puppet facts')
raise ArgumentError, fail_message if facts_result.exit_code != 0
facts_hash = JSON.parse(facts_result.stdout.chomp)
puppet_agent_version = facts_hash['values']['aio_agent_version']
raise ArgumentError, fail_message if puppet_agent_version.nil?
logger.warn("#{log_prefix} Read puppet-agent version #{puppet_agent_version} from master")
# saving so that we don't have to query the master more than once
local_options[:puppet_agent_version] = puppet_agent_version
puppet_agent_version
end
# True if version is greater than or equal to MEEP_CUTOVER_VERSION (2016.2.0)
def use_meep?(version)
!version_is_less(version, MEEP_CUTOVER_VERSION)
end
# Tests if a feature flag has been set in the answers hash provided to beaker
# options. Assumes a 'feature_flags' hash is present in the answers and looks for
# +flag+ within it.
#
# @param flag String flag to lookup
# @param opts Hash options hash to inspect
# @return true if +flag+ is true or 'true' in the feature_flags hash,
# false otherwise. However, returns nil if there is no +flag+ in the
# answers hash at all
def feature_flag?(flag, opts)
Beaker::DSL::InstallUtils::FeatureFlags.new(opts).flag?(flag)
end
# @deprecated the !version_is_less(host['pe_ver'], '3.99') can be removed once we no longer support pre 2015.2.0 PE versions
# Check if windows host is able to frictionlessly install puppet
# @param [Beaker::Host] host that we are checking if it is possible to install frictionlessly to
# @return [Boolean] true if frictionless is supported and not affected by known bugs
def install_via_msi?(host)
#windows agents from 4.0 -> 2016.1.2 were only installable via the aio method
#powershell2 bug was fixed in PE 2016.4.3, and PE 2017.1.0, but not 2016.5.z.
(host['platform'] =~ /windows/ && (version_is_less(host['pe_ver'], '2016.4.0') && !version_is_less(host['pe_ver'], '3.99'))) ||
(host['platform'] =~ /windows-2008r2/ && (version_is_less(host['pe_ver'], '2016.4.3') && !version_is_less(host['pe_ver'], '3.99'))) ||
(host['platform'] =~ /windows-2008r2/ && (!version_is_less(host['pe_ver'], '2016.4.99') && version_is_less(host['pe_ver'], '2016.5.99') && !version_is_less(host['pe_ver'], '3.99')))
end
# Runs puppet on all nodes, unless they have the roles: master,database,console/dashboard
# @param [Array<Host>] hosts The sorted hosts to install or upgrade PE on
def run_puppet_on_non_infrastructure_nodes(all_hosts)
pe_infrastructure = select_hosts({:roles => ['master', 'compile_master', 'pe_compiler', 'dashboard', 'database']}, all_hosts)
non_infrastructure = all_hosts.reject{|host| pe_infrastructure.include? host}
on non_infrastructure, puppet_agent('-t'), :acceptable_exit_codes => [0,2], :run_in_parallel => true
end
# Whether or not PE should be managing the puppet service on agents.
# Puppet code to manage the puppet service was added to the next branches
# and is slated to be merged into 2018.1.x
#
# Returns true if the version we are managing is greater than or equal to
# MANAGE_PUPPET_SERVICE_VERSION.
#
# Temporarily, (until merged from 'next' branches into 2018.1.x), also checks
# the pe_modules_next flag to know whether or not the code for managing puppet
# service is present.
def manage_puppet_service?(version, opts)
# PE-23651 remove vv
register_feature_flags!(opts)
temporary_flag = !!feature_flag?('pe_modules_next', opts)
# ^^
!version_is_less(version, MANAGE_PUPPET_SERVICE_VERSION) && temporary_flag
end
# True if version is greater than or equal to MEEP_CLASSIFICATION_VERSION
# (PE-18718) AND the temporary feature flag is true.
#
# The temporary feature flag is meep_classification and can be set in
# the :answers hash given in beaker's host.cfg, inside a feature_flags
# hash. It will also be picked up from the environment as
# MEEP_CLASSIFICATION. (See register_feature_flags!())
#
# The :answers hash value will take precedence over the env variable.
#
# @param version String the current PE version
# @param opts Hash options hash to inspect for :answers
# @return Boolean true if version and flag allows for meep classification
# feature.
def use_meep_for_classification?(version, opts)
# PE-19470 remove vv
register_feature_flags!(opts)
temporary_flag = feature_flag?('meep_classification', opts)
temporary_flag = DEFAULT_MEEP_CLASSIFICATION if temporary_flag.nil?
# ^^
!version_is_less(version, MEEP_CLASSIFICATION_VERSION) && temporary_flag
end
# For PE 3.8.5 to PE 2016.1.2 they have an expired gpg key. This method is
# for deb nodes to ignore the gpg-key expiration warning
def ignore_gpg_key_warning_on_hosts(hosts, opts)
hosts.each do |host|
# RPM based platforms do not seem to be effected by an expired GPG key,
# while deb based platforms are failing.
if host['platform'] =~ /debian|ubuntu/
host_ver = host['pe_ver'] || opts['pe_ver']
if version_is_less(host_ver, '3.8.7') || (!version_is_less(host_ver, '2015.2.0') && version_is_less(host_ver, '2016.4.0'))
on(host, "echo 'APT { Get { AllowUnauthenticated \"1\"; }; };' >> /etc/apt/apt.conf")
end
end
end
end
# Set installer options on the passed *host* according to current
# version.
#
# Sets:
# * 'pe_installer_conf_file'
# * 'pe_installer_conf_setting'
#
# @param [Beaker::Host] host The host object to configure
# @return [Beaker::Host] The same host object passed in
def prepare_host_installer_options(host)
if use_meep?(host['pe_ver'])
conf_file = "#{host['working_dir']}/pe.conf"
host['pe_installer_conf_file'] = conf_file
host['pe_installer_conf_setting'] = "-c #{conf_file}"
else
conf_file = "#{host['working_dir']}/answers"
host['pe_installer_conf_file'] = conf_file
host['pe_installer_conf_setting'] = "-a #{conf_file}"
end
host
end
# Adds in settings needed by BeakerAnswers:
#
# * :format => :bash or :hiera depending on which legacy or meep format we need
# * :include_legacy_database_defaults => true or false. True
# indicates that we are upgrading from a legacy version and
# BeakerAnswers should include the database defaults for user
# which were set for the legacy install.
#
# @param [Beaker::Host] host that we are generating answers for
# @param [Hash] opts The Beaker options hash
# @return [Hash] a dup of the opts hash with additional settings for BeakerAnswers
def setup_beaker_answers_opts(host, opts)
beaker_answers_opts = use_meep?(host['pe_ver']) ?
{ :format => :hiera } :
{ :format => :bash }
beaker_answers_opts[:include_legacy_database_defaults] =
opts[:type] == :upgrade && !use_meep?(host['previous_pe_ver'])
modified_opts = opts.merge(beaker_answers_opts)
answers_hash = modified_opts[:answers] ||= {}
if !answers_hash.include?(:meep_schema_version)
if feature_flag?(:meep_classification, opts)
answers_hash[:meep_schema_version] = '2.0'
elsif use_meep?(host['pe_ver'])
answers_hash[:meep_schema_version] = '1.0'
end
end
modified_opts
end
# The pe-modules-next package is being used for isolating large scale
# feature development of PE module code. The feature flag is a pe.conf
# setting 'feature_flags::pe_modules_next', which if set true will
# cause the installer shim to install the pe-modules-next package
# instead of pe-modules.
#
# This answer can be explicitly added to Beaker's cfg file by adding it
# to the :answers section.
#
# But it can also be picked up transparently from CI via the
# PE_MODULES_NEXT environment variable. If this is set 'true', then
# the opts[:answers] will be set with feature_flags::pe_modules_next.
#
# Answers set in Beaker's config file will take precedence over the
# environment variable.
#
# NOTE: This has implications for upgrades, because upgrade testing
# will need the flag, but upgrades from different pe.conf schema (or no
# pe.conf) will need to generate a pe.conf, and that workflow is likely
# to happen in the installer shim. If we simply supply a good pe.conf
# via beaker-answers, then we have bypassed the pe.conf generation
# aspect of the upgrade workflow. (See PE-19438)
def register_feature_flags!(opts)
Beaker::DSL::InstallUtils::FeatureFlags.new(opts).register_flags!
end
# PE 2018.1.0 has mco disabled by default. If we are running hosts with
# roles hub or spoke then we intend to test mco. In this case we need
# to change a setting in pe.conf to allow mco to be enabled.
def get_mco_setting(hosts)
pe_version = hosts[0]['pe_ver']
if (!version_is_less(pe_version, '2018.1') && version_is_less(pe_version, '2018.1.999'))
if (hosts.any? {|h| h['roles'].include?('hub') || h['roles'].include?('spoke')})
return {:answers => { 'pe_install::disable_mco' => false }}
end
end
return {}
end
# Generates a Beaker Answers object for the passed *host* and creates
# the answer or pe.conf configuration file on the *host* needed for
# installation.
#
# Expects the host['pe_installer_conf_file'] to have been set, which is
# where the configuration will be written to, and will run MEEP or legacy
# depending on host[:pe_ver]
#
# @param [Beaker::Host] host The host to create a configuration file on
# @param [Array<Beaker::Host]> hosts All of the hosts to be configured
# @param [Hash] opts The Beaker options hash
# @return [BeakerAnswers::Answers] the generated answers object
def generate_installer_conf_file_for(host, hosts, opts)
possible_mco_enabled_setting = get_mco_setting(hosts)
opts ||= {}
opts = possible_mco_enabled_setting.deep_merge(opts)
beaker_answers_opts = setup_beaker_answers_opts(host, opts)
answers = BeakerAnswers::Answers.create(
opts[:pe_ver] || host['pe_ver'], hosts, beaker_answers_opts
)
configuration = answers.installer_configuration_string(host)
step "Generate the #{host['pe_installer_conf_file']} on #{host}" do
logger.debug(configuration)
create_remote_file(host, host['pe_installer_conf_file'], configuration)
end
answers
end
# Builds the agent_only and not_agent_only arrays needed for installation.
#
# @param [Array<Host>] hosts hosts to split up into the arrays
#
# @note should only be called against versions 4.0+, as this method
# assumes AIO packages will be required.
#
# @note agent_only hosts with the :pe_ver setting < 4.0 will not be
# included in the agent_only array, as AIO install can only happen
# in versions > 4.0
#
# @api private
# @return [Array<Host>, Array<Host>]
# the array of hosts to do an agent_only install on and
# the array of hosts to do our usual install methods on
def create_agent_specified_arrays(hosts)
hosts_agent_only = []
hosts_not_agent_only = []
non_agent_only_roles = %w(master database dashboard console frictionless)
hosts.each do |host|
if host['roles'].none? {|role| non_agent_only_roles.include?(role) }
if !aio_version?(host)
hosts_not_agent_only << host
else
hosts_agent_only << host
end
else
hosts_not_agent_only << host
end
end
return hosts_agent_only, hosts_not_agent_only
end
# Helper for setting up pe_defaults & setting up the cert on the host
# @param [Host] host host to setup
# @param [Host] master the master host, for setting up the relationship
# @param [Array<Fixnum>] acceptable_exit_codes The exit codes that we want to ignore
#
# @return nil
# @api private
def setup_defaults_and_config_helper_on(host, master, acceptable_exit_codes=nil)
configure_type_defaults_on(host)
#set the certname and master
on host, puppet("config set server #{master}")
on host, puppet("config set certname #{host}")
#run once to request cert
on host, puppet_agent('-t'), :acceptable_exit_codes => acceptable_exit_codes
end
#Install PE based on global hosts with global options
#@see #install_pe_on
def install_pe
install_pe_on(hosts, options)
end
def check_puppetdb_status_endpoint(host)
if version_is_less(host['pe_ver'], '2016.1.0')
return true
end
Timeout.timeout(60) do
match = nil
while not match
output = on(host, "curl -s http://localhost:8080/pdb/meta/v1/version", :accept_all_exit_codes => true)
match = output.stdout =~ /version.*\d+\.\d+\.\d+/
sleep 1
end
end
rescue Timeout::Error
fail_test "PuppetDB took too long to start"
end
# Checks Console Status Endpoint, failing the test if the
# endpoints don't report a running state.
#
# @param [Host] host Host to check status on
#
# @note Uses the global option's :pe_console_status_attempts
# value to determine how many times it's going to retry the
# check with fibonacci back offs.
#
# @return nil
def check_console_status_endpoint(host)
return true if version_is_less(host['pe_ver'], '2015.2.0')
attempts_limit = options[:pe_console_status_attempts] || 9
# Workaround for PE-14857. The classifier status service at the
# default level is broken in 2016.1.1. Instead we need to query
# the classifier service at critical level and check for service
# status
query_params = (host['pe_ver'] == '2016.1.1' ? '?level=critical' : '')
step 'Check Console Status Endpoint' do
match = repeat_fibonacci_style_for(attempts_limit) do
output = on(host, "curl -s -k https://localhost:4433/status/v1/services#{query_params} --cert /etc/puppetlabs/puppet/ssl/certs/#{host}.pem --key /etc/puppetlabs/puppet/ssl/private_keys/#{host}.pem --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem", :accept_all_exit_codes => true)
begin
output = JSON.parse(output.stdout)
match = output['classifier-service']['state'] == 'running'
match = match && output['rbac-service']['state'] == 'running'
match && output['activity-service']['state'] == 'running'
rescue JSON::ParserError
false
end
end
fail_test 'Console services took too long to start' if !match
end
end
#Install PE based upon host configuration and options
#
# @param [Host, Array<Host>] install_hosts One or more hosts to act upon
# @!macro common_opts
# @option opts [Boolean] :masterless Are we performing a masterless installation?
# @option opts [String] :puppet_agent_version Version of puppet-agent to install. Required for PE agent
# only hosts on 4.0+
# @option opts [String] :puppet_agent_sha The sha of puppet-agent to install, defaults to puppet_agent_version.
# Required for PE agent only hosts on 4.0+
# @option opts [String] :pe_ver The version of PE (will also use host['pe_ver']), defaults to '4.0'
# @option opts [String] :puppet_collection The puppet collection for puppet-agent install.
#
# @example
# install_pe_on(hosts, {})
#
# @note Either pe_ver and pe_dir should be set in the ENV or each host should have pe_ver and pe_dir set individually.
# Install file names are assumed to be of the format puppet-enterprise-VERSION-PLATFORM.(tar)|(tar.gz)
# for Unix like systems and puppet-enterprise-VERSION.msi for Windows systems.
#
# @note For further installation parameters (such as puppet-agent install)
# options, refer to {#do_install} documentation
#
def install_pe_on(install_hosts, opts)
confine_block(:to, {}, install_hosts) do
sorted_hosts.each do |host|
#process the version files if necessary
host['pe_dir'] ||= opts[:pe_dir]
if host['platform'] =~ /windows/
# we don't need the pe_version if:
# * master pe_ver > 4.0
if not (!opts[:masterless] && master[:pe_ver] && !version_is_less(master[:pe_ver], '3.99'))
host['pe_ver'] ||= Beaker::Options::PEVersionScraper.load_pe_version(host[:pe_dir] || opts[:pe_dir], opts[:pe_version_file_win])
else
# inherit the master's version
host['pe_ver'] ||= master[:pe_ver]
end
else
host['pe_ver'] ||= Beaker::Options::PEVersionScraper.load_pe_version(host[:pe_dir] || opts[:pe_dir], opts[:pe_version_file])
end
end
do_install sorted_hosts, opts
end
end
#Upgrade PE based upon global host configuration and global options
#@see #upgrade_pe_on
def upgrade_pe path=nil
upgrade_pe_on(hosts, options, path)
end
#Upgrade PE based upon host configuration and options
# @param [Host, Array<Host>] upgrade_hosts One or more hosts to act upon
# @!macro common_opts
# @param [String] path A path (either local directory or a URL to a listing of PE builds).
# Will contain a LATEST file indicating the latest build to install.
# This is ignored if a pe_upgrade_ver and pe_upgrade_dir are specified
# in the host configuration file.
# @example
# upgrade_pe_on(agents, {}, "http://neptune.puppetlabs.lan/3.0/ci-ready/")
#
# @note Install file names are assumed to be of the format puppet-enterprise-VERSION-PLATFORM.(tar)|(tar.gz)
# for Unix like systems and puppet-enterprise-VERSION.msi for Windows systems.
def upgrade_pe_on upgrade_hosts, opts, path=nil
confine_block(:to, {}, upgrade_hosts) do
set_console_password = false
# if we are upgrading from something lower than 3.4 then we need to set the pe console password
if (dashboard[:pe_ver] ? version_is_less(dashboard[:pe_ver], "3.4.0") : true)
set_console_password = true
end
# get new version information
hosts.each do |host|
prep_host_for_upgrade(host, opts, path)
end
do_install(sorted_hosts, opts.merge({:type => :upgrade, :set_console_password => set_console_password}))
opts['upgrade'] = true
end
end
#Prep a host object for upgrade; used inside upgrade_pe_on
# @param [Host] host A single host object to prepare for upgrade
# !macro common_opts
# @param [String] path A path (either local directory or a URL to a listing of PE builds).
# Will contain a LATEST file indicating the latest build to install.
# This is ignored if a pe_upgrade_ver and pe_upgrade_dir are specified
# in the host configuration file.
# @example
# prep_host_for_upgrade(master, {}, "http://neptune.puppetlabs.lan/3.0/ci-ready/")
def prep_host_for_upgrade(host, opts={}, path='')
host['pe_dir'] = host['pe_upgrade_dir'] || path
host['previous_pe_ver'] = host['pe_ver']
if host['platform'] =~ /windows/
host['pe_ver'] = host['pe_upgrade_ver'] || opts['pe_upgrade_ver'] ||
Options::PEVersionScraper.load_pe_version(host['pe_dir'], opts[:pe_version_file_win])
else
host['pe_ver'] = host['pe_upgrade_ver'] || opts['pe_upgrade_ver'] ||
Options::PEVersionScraper.load_pe_version(host['pe_dir'], opts[:pe_version_file])
end
if version_is_less(host['pe_ver'], '3.0')
host['pe_installer'] ||= 'puppet-enterprise-upgrader'
end
end
#Create the Higgs install command string based upon the host and options settings. Installation command will be run as a
#background process. The output of the command will be stored in the provided host['higgs_file'].
# @param [Host] host The host that Higgs is to be installed on
# The host object must have the 'working_dir', 'dist' and 'pe_installer' field set correctly.
# @api private
def higgs_installer_cmd host
higgs_answer = determine_higgs_answer(host['pe_ver'])
"cd #{host['working_dir']}/#{host['dist']} ; nohup ./#{host['pe_installer']} <<<#{higgs_answer} > #{host['higgs_file']} 2>&1 &"
end
# Determines the answer to supply to the command line installer in order to load up Higgs
# @return [String]
# One of, 'Y', '1', '2'
# 'Y'
# Pre-meep install of Higgs (Before PE 2016.2.0)
# '1'
# meep before PE 2018.1.3 (PE 2016.2.0 -> PE 2018.1.2)
# '2'
# Any meep PE 2018.1.3 or greater
def determine_higgs_answer(pe_ver)
if(use_meep?(pe_ver))
if(version_is_less(pe_ver, '2018.1.3'))
return '1'
elsif(version_is_less(pe_ver, '2019.0.2'))
return '2'
else
return '3'
end
else
return 'Y'
end
end
#Perform a Puppet Enterprise Higgs install up until web browser interaction is required, runs on linux hosts only.
# @param [Host] host The host to install higgs on
# @param [Hash{Symbol=>Symbol, String}] opts The options
# @option opts [String] :pe_dir Default directory or URL to pull PE package from
# (Otherwise uses individual hosts pe_dir)
# @option opts [String] :pe_ver Default PE version to install
# (Otherwise uses individual hosts pe_ver)
# @option opts [Boolean] :fetch_local_then_push_to_host determines whether
# you use Beaker as the middleman for this (true), or curl the
# file from the host (false; default behavior)
# @raise [StandardError] When installation times out
#
# @example
# do_higgs_install(master, {:pe_dir => path, :pe_ver => version})
#
# @api private
#
def do_higgs_install host, opts
use_all_tar = ENV['PE_USE_ALL_TAR'] == 'true'
platform = use_all_tar ? 'all' : host['platform']
version = host['pe_ver'] || opts[:pe_ver]
host['dist'] = "puppet-enterprise-#{version}-#{platform}"
use_all_tar = ENV['PE_USE_ALL_TAR'] == 'true'
host['pe_installer'] ||= 'puppet-enterprise-installer'
host['working_dir'] = host.tmpdir(Time.new.strftime("%Y-%m-%d_%H.%M.%S"))
fetch_pe([host], opts)
host['higgs_file'] = "higgs_#{File.basename(host['working_dir'])}.log"
prepare_host_installer_options(host)
on host, higgs_installer_cmd(host), opts
#wait for output to host['higgs_file']
#we're all done when we find this line in the PE installation log
if version_is_less(opts[:pe_ver] || host['pe_ver'], '2016.3')
higgs_re = /Please\s+go\s+to\s+https:\/\/.*\s+in\s+your\s+browser\s+to\s+continue\s+installation/m
else
higgs_re = /o\s+to\s+https:\/\/.*\s+in\s+your\s+browser\s+to\s+continue\s+installation/m
end
res = Result.new(host, 'tmp cmd')
tries = 10
attempts = 0
prev_sleep = 0
cur_sleep = 1
while (res.stdout !~ higgs_re) and (attempts < tries)
res = on host, "cd #{host['working_dir']}/#{host['dist']} && cat #{host['higgs_file']}", :accept_all_exit_codes => true
attempts += 1
sleep( cur_sleep )
prev_sleep = cur_sleep
cur_sleep = cur_sleep + prev_sleep
end
if attempts >= tries
raise "Failed to kick off PE (Higgs) web installation"
end
end
#Install Higgs up till the point where you need to continue installation in a web browser, defaults to execution
#on the master node.
#@param [Host] higgs_host The host to install Higgs on (supported on linux platform only)
# @example
# install_higgs
#
# @note Either pe_ver and pe_dir should be set in the ENV or each host should have pe_ver and pe_dir set individually.
# Install file names are assumed to be of the format puppet-enterprise-VERSION-PLATFORM.(tar)|(tar.gz).
#
def install_higgs( higgs_host = master )
#process the version files if necessary
master['pe_dir'] ||= options[:pe_dir]
master['pe_ver'] = master['pe_ver'] || options['pe_ver'] ||
Beaker::Options::PEVersionScraper.load_pe_version(master[:pe_dir] || options[:pe_dir], options[:pe_version_file])
if higgs_host['platform'] =~ /osx|windows/
raise "Attempting higgs installation on host #{higgs_host.name} with unsupported platform #{higgs_host['platform']}"
end
#send in the global options hash
do_higgs_install higgs_host, options
end
#Installs PE with a PE managed external postgres
def do_install_pe_with_pe_managed_external_postgres(hosts, opts)
pe_infrastructure = select_hosts({:roles => ['master', 'dashboard', 'database', 'pe_postgres']}, hosts)
non_infrastructure = hosts.reject{|host| pe_infrastructure.include? host}
is_upgrade = (original_pe_ver(hosts[0]) != hosts[0][:pe_ver])
step "Setup tmp installer directory and pe.conf" do
prepare_hosts(pe_infrastructure,opts)
register_feature_flags!(opts)
fetch_pe(pe_infrastructure,opts)
[master, database, dashboard, pe_postgres].uniq.each do |host|
configure_type_defaults_on(host)
prepare_host_installer_options(host)
unless is_upgrade
setup_pe_conf(host, hosts, opts)
end
end
end
unless is_upgrade
step "Initial master install, expected to fail due to RBAC database not being initialized" do
begin
execute_installer_cmd(master, opts)
rescue Beaker::Host::CommandFailure => e
unless is_expected_pe_postgres_failure?(master)
raise "Install on master failed in an unexpected manner"
end
end
end
end
step "Install/Upgrade postgres service on pe-postgres node" do
execute_installer_cmd(pe_postgres, opts)
end
step "Finish install/upgrade on infrastructure" do
[master, database, dashboard].uniq.each do |host|
execute_installer_cmd(host, opts)
end
end
step "Stop agent service on infrastructure nodes" do
stop_agent_on(pe_infrastructure, :run_in_parallel => true)
end
step "First puppet run on infrastructure + postgres node" do
[master, database, dashboard, pe_postgres].uniq.each do |host|
on host, 'puppet agent -t', :acceptable_exit_codes => [0,2]
end
end
if(non_infrastructure.size > 0)
install_agents_only_on(non_infrastructure, opts)
step "Run puppet to setup mcollective and pxp-agent" do
on master, 'puppet agent -t', :acceptable_exit_codes => [0,2]
run_puppet_on_non_infrastructure_nodes(non_infrastructure)
end
end
step "Run puppet a second time on the primary to populate services.conf (PE-19054)" do
on master, 'puppet agent -t', :acceptable_exit_codes => [0,2]
end
end
#Check the lastest install log to confirm the expected failure is there
def is_expected_pe_postgres_failure?(host)
installer_log_dir = '/var/log/puppetlabs/installer'
latest_installer_log_file = on(host, "ls -1t #{installer_log_dir} | head -n1").stdout.chomp
# As of PE Irving (PE 2018.1.x), these are the only two expected errors
allowed_errors = ["The operation could not be completed because RBACs database has not been initialized",
"Timeout waiting for the database pool to become ready",
"Systemd restart for pe-console-services failed",
"Execution of.*service pe-console-services.*: Reload timed out after 120 seconds"]
allowed_errors.each do |error|
if(on(host, "grep '#{error}' #{installer_log_dir}/#{latest_installer_log_file}", :acceptable_exit_codes => [0,1]).exit_code == 0)
return true
end
end
false
end
# Grabs the pe file from a remote host to the machine running Beaker, then
# scp's the file out to the host.
#
# @param [Host] host The host to install on
# @param [String] path path to the install file
# @param [String] filename the filename of the pe file (without the extension)
# @param [String] extension the extension of the pe file
# @param [String] local_dir the directory to store the pe file in on
# the Beaker-running-machine
#
# @api private
# @return nil
def fetch_and_push_pe(host, path, filename, extension, local_dir='tmp/pe')
fetch_http_file("#{path}", "#{filename}#{extension}", local_dir)
scp_to host, "#{local_dir}/#{filename}#{extension}", host['working_dir']
end
# Being able to modify PE's classifier requires the Scooter gem and
# helpers which are in beaker-pe-large-environments.
def get_console_dispatcher_for_beaker_pe(raise_exception = false)
# XXX RE-8616, once scooter is public, we can remove this and just
# reference ConsoleDispatcher directly.
if !respond_to?(:get_dispatcher)
begin
require 'scooter'
Scooter::HttpDispatchers::ConsoleDispatcher.new(dashboard)
rescue LoadError => e
logger.notify('WARNING: gem scooter is required for frictionless installation post 3.8')
raise e if raise_exception
return nil
end
else
get_dispatcher
end
end
# Will raise a LoadError if unable to require Scooter.
def get_console_dispatcher_for_beaker_pe!
get_console_dispatcher_for_beaker_pe(true)
end
# In PE versions >= 2018.1.0, allows you to configure the puppet agent
# service for all nodes.
#
# @param parameters [Hash] - agent profile parameters
# @option parameters [Boolean] :managed - whether or not to manage the
# agent resource at all (Optional, defaults to true).
# @option parameters [String] :ensure - 'stopped', 'running'
# @option parameters [Boolean] :enabled - whether the service will be
# enabled (for restarts)
# @raise [StandardError] if master version is less than 2017.1.0
def configure_puppet_agent_service(parameters)
raise(StandardError, "Can only manage puppet service in PE versions >= #{MANAGE_PUPPET_SERVICE_VERSION}; tried for #{master['pe_ver']}") if version_is_less(master['pe_ver'], MANAGE_PUPPET_SERVICE_VERSION)
puppet_managed = parameters.include?(:managed) ? parameters[:managed] : true
puppet_ensure = parameters[:ensure]
puppet_enabled = parameters[:enabled]
msg = puppet_managed ?
"Configure agents '#{puppet_ensure}' and #{puppet_enabled ? 'enabled' : 'disabled'}" :
"Do not manage agents"
step msg do
# PE-18799 and remove this conditional
if use_meep_for_classification?(master[:pe_ver], options)
class_name = 'pe_infrastructure::agent'
else
class_name = 'puppet_enterprise::profile::agent'
end
# update pe conf
update_pe_conf({
"#{class_name}::puppet_service_managed" => puppet_managed,
"#{class_name}::puppet_service_ensure" => puppet_ensure,
"#{class_name}::puppet_service_enabled" => puppet_enabled,
})
end
end
# Given a hash of parameters, updates the primary master's pe.conf, adding or
# replacing, or removing the given parameters.
#
# To remove a parameter, pass a nil as its value
#
# Handles stringifying and quoting namespaced keys, and also preparing non
# string values using Hocon::ConfigValueFactory.
#
# Logs the state of pe.conf before and after.
#
# @example
# # Assuming pe.conf looks like:
# # {
# # "bar": "baz"
# # "old": "item"
# # }
#
# update_pe_conf(
# {
# "foo" => "a",
# "bar" => "b",
# "old" => nil,
# }
# )
#
# # Will produce a pe.conf like:
# # {
# # "bar": "b"
# # "foo": "a"
# # }
#
# @param parameters [Hash] Hash of parameters to be included in pe.conf.
# @param pe_conf_file [String] The file to update
# (/etc/puppetlabs/enterprise/conf.d/pe.conf by default)
def update_pe_conf(parameters, pe_conf_file = PE_CONF_FILE)
step "Update #{pe_conf_file} with #{parameters}" do
hocon_file_edit_in_place_on(master, pe_conf_file) do |host,doc|
updated_doc = parameters.reduce(doc) do |pe_conf,param|
key, value = param
hocon_key = quoted_hocon_key(key)
hocon_value = case value
when String
# ensure unquoted string values are quoted for uniformity
then value.match(/^[^"]/) ? %Q{"#{value}"} : value
else Hocon::ConfigValueFactory.from_any_ref(value, nil)
end
updated = case value
when String
pe_conf.set_value(hocon_key, hocon_value)
when nil
pe_conf.remove_value(hocon_key)
else
pe_conf.set_config_value(hocon_key, hocon_value)
end
updated
end
# return the modified document
updated_doc
end
on(master, "cat #{pe_conf_file}")
end
end
# Sync pe.conf from the master to another infrastructure node.
# Useful when updating pe.conf to reconfigure infrastructure, where
# you first update_pe_conf then sync_pe_conf to infrastructure hosts.
#
# @param [Host] host The host to sync to
# @param pe_conf_file [String] The file to sync
# (/etc/puppetlabs/enterprise/conf.d/pe.conf by default)
def sync_pe_conf(host, pe_conf_file = PE_CONF_FILE)
Dir.mktmpdir('sync_pe_conf') do |tmpdir|
scp_from(master, pe_conf_file, tmpdir)
scp_to(host, File.join(tmpdir, File.basename(pe_conf_file)), pe_conf_file)
end
end
# If the key is unquoted and does not contain pathing ('.'),
# quote to ensure that puppet namespaces are protected
#
# @example
# quoted_hocon_key("puppet_enterprise::database_host")
# # => '"puppet_enterprise::database_host"'
#
def quoted_hocon_key(key)
case key
when /^[^"][^.]+/
then %Q{"#{key}"}
else key
end
end
# Return the original pe_ver setting for the passed host.
# Beaker resets pe_ver to the value of pe_upgrade_ver during its upgrade process.
# If the hosts's original configuration did not have a pe_ver, return the
# value of pe_ver set directly in options. It's the Host['pe_ver'] that
# gets overwritten by Beaker on upgrade. So if the original host config did not
# have a pe_ver set, there should be a pe_ver set in options and we can use
# that.
def original_pe_ver(host)
options[:HOSTS][host.name][:pe_ver] || options[:pe_ver]
end
# Returns the version of PE that the host will be upgraded to
# If no upgrade is planned then just the version of PE to install is returned
def upgrading_to_pe_ver(host)
options[:HOSTS][host.name][:pe_upgrade_ver] || options[:pe_ver]
end
# @return a Ruby object of any root key in pe.conf.
#
# @param key [String] to lookup
# @param pe_conf_path [String] defaults to /etc/puppetlabs/enterprise/conf.d/pe.conf
def get_unwrapped_pe_conf_value(key, pe_conf_path = PE_CONF_FILE)
file_contents = on(master, "cat #{pe_conf_path}").stdout
# Seem to need to use ConfigFactory instead of ConfigDocumentFactory
# to get something that we can read values from?
doc = Hocon::ConfigFactory.parse_string(file_contents)
hocon_key = quoted_hocon_key(key)
doc.has_path?(hocon_key) ?
doc.get_value(hocon_key).unwrapped :
nil
end
# Creates a new /etc/puppetlabs/enterprise/conf.d/nodes/*.conf file for the
# given host's certname, and adds the passed parameters, or updates with the
# passed parameters if the file already exists.
#
# Does not remove an empty file.
#
# @param host [Beaker::Host] to create a node file for
# @param parameters [Hash] of key value pairs to add to the nodes conf file
# @param node_conf_path [String] defaults to /etc/puppetlabs/enterprise/conf.d/nodes
def create_or_update_node_conf(host, parameters, node_conf_path = NODE_CONF_PATH)
node_conf_file = "#{node_conf_path}/#{host.node_name}.conf"
step "Create or Update #{node_conf_file} with #{parameters}" do
if !master.file_exist?(node_conf_file)
if !master.file_exist?(node_conf_path)
# potentially create the nodes directory
on(master, "mkdir #{node_conf_path}")
end
# The hocon gem will create a list of comma separated parameters
# on the same line unless we start with something in the file.
create_remote_file(master, node_conf_file, %Q|{\n}\n|)
on(master, "chown pe-puppet #{node_conf_file}")
end
update_pe_conf(parameters, node_conf_file)
end
end
def setup_pe_conf(host, hosts, opts={})
if opts[:type] == :upgrade && use_meep?(host['previous_pe_ver'])
# In this scenario, Beaker runs the installer such that we make
# use of recovery code in the configure face of the installer.
if host['roles'].include?('master')
step "Updating #{MEEP_DATA_DIR}/conf.d with answers/custom_answers" do
# merge answers into pe.conf
if opts[:answers] && !opts[:answers].empty?
update_pe_conf(opts[:answers])
end
if opts[:custom_answers] && !opts[:custom_answers].empty?
update_pe_conf(opts[:custom_answers])
end
end
else
step "Uploading #{BEAKER_MEEP_TMP}/conf.d that was generated on the master" do
# scp conf.d to host
scp_to(host, "#{BEAKER_MEEP_TMP}/conf.d", MEEP_DATA_DIR)
end
end
else
# Beaker creates a fresh pe.conf using beaker-answers, as if we were doing an install
generate_installer_conf_file_for(host, hosts, opts)
end
end
def download_pe_conf_if_master(host)
if host['roles'].include?('master')
step "Downloading generated #{MEEP_DATA_DIR}/conf.d locally" do
# scp conf.d over from master
scp_from(host, "#{MEEP_DATA_DIR}/conf.d", BEAKER_MEEP_TMP)
end
end
end
# Method to install just the agent nodes
# This method can be called only after installing PE on infrastructure nodes
# @param [Array] agent only nodes from Beaker hosts
# @param [Hash] opts The Beaker options hash
def install_agents_only_on(agent_nodes, opts)
unless agent_nodes.empty?
configure_type_defaults_on(agent_nodes)
step "Setup frictionless installer on the master" do
agent_nodes.each do |agent|
# If We're *not* running the classic installer, we want
# to make sure the master has packages for us.
if agent['packaging_platform'] != master['packaging_platform'] # only need to do this if platform differs
deploy_frictionless_to_master(agent)
end
end
end
step "Install agents" do
block_on(agent_nodes, {:run_in_parallel => true}) do |host|
install_ca_cert_on(host, opts)
on(host, installer_cmd(host, opts))
end
end
step "Sign agent certificates" do
# This will sign all cert requests
sign_certificate_for(agent_nodes)
end
step "Stop puppet agents to avoid interfering with tests" do
stop_agent_on(agent_nodes, :run_in_parallel => true)
end
step "Run puppet on all agent nodes" do
on agent_nodes, puppet_agent('-t'), :acceptable_exit_codes => [0,2], :run_in_parallel => true
end
#Workaround for windows frictionless install, see BKR-943
agent_nodes.select {|agent| agent['platform'] =~ /windows/}.each do |agent|
remove_client_datadir(agent)
end
end
end
end
end
end
end