I'm working to get r10k to populate modules on our puppet masters. I have
this working, but there are some complications with Foreman, I'm seeking
input on.
We make use of /etc/puppet/environments/common as part of the
basemodulepath, this is setup from the Foreman Installer, and part of the
puppet.conf template as far as I can tell. I have r10k setup to manage
this directory as well, but it wants to make
/etc/puppet/environments/common/modules and place any modules in the
Puppetfile there. This creates two stumbles for me…
Is there a way to easily override the Foreman-Installer's puppet.conf
template? …so I can change the basemodulepath according to my needs at
install, and not have it wiped out if foreman-installer is run again? An
alternative that I've considered but been unable to resolve would be to
force r10k to drop modules right into /etc/puppet/environments/common, does
anyone know how to do that?
Importing the environments and modules always involves ignoring the
"common" environment. Is there a way to get Foreman to always ignore this
environment? This was never much an issue beyond training when we use the
WebUI to do the import…where we'd just ignore "common" and never import
it. Now I'm looking at running a import as a rake task behind the r10k
command in a script. Since the environments are dynamic, I don't think it
will be easy to avoid importing "common" down the road. Using CI workflow
and orchestration will come in the future, but at the moment it's all done
by hand.
Thank you kindly for any advice
P.S. For what it's worth on the "common" modules, basically we're using the
"common" modules as our Enterprise level modules for all puppet
environments. Local/Dept sys/devops admins can manage modules in their
puppetmaster specific environments. We own all the r10k git repos, and
protect the "common" branches so the local guys can't commit to it, but
otherwise they manage the other branches as they see fit.
> Hi,
>
> I'm working to get r10k to populate modules on our puppet masters. I
> have this working, but there are some complications with Foreman, I'm
> seeking input on.
>
> We make use of /etc/puppet/environments/common as part of the
> basemodulepath, this is setup from the Foreman Installer, and part of
> the puppet.conf template as far as I can tell. I have r10k setup to
> manage this directory as well, but it wants to make
> /etc/puppet/environments/common/modules and place any modules in the
> Puppetfile there. This creates two stumbles for me…
>
> 1. Is there a way to easily override the Foreman-Installer's
> puppet.conf template? …so I can change the basemodulepath according
> to my needs at install, and not have it wiped out if foreman-installer
> is run again?
You could try setting --puppet-server-common-modules-path, which I think
is by default set to an array of the common dir, /etc/puppet/modules and
/usr/share/puppet/modules (see/grep its entry in foreman-installer
–full-help or the answers file to check). To set an array with the
installer, pass the argument once for each entry.
> 2. Importing the environments and modules always involves ignoring the
> "common" environment. Is there a way to get Foreman to always ignore
> this environment?
You can list ignored environments in
/usr/share/foreman/config/ignored_environments.yml (copy the sample
file) with:
Thank you Dominic! Both suggestions work as expected.
A quick question on the ignored_environments file… Can it live in
/etc/foreman instead of /usr/share/foreman/config? Just my opinion, but
/usr/share seems to be an odd place to have an user created config file.
Anyway, again thanks for both tips!
···
On Wednesday, June 15, 2016 at 3:11:16 AM UTC-4, Dominic Cleal wrote:
>
> On 14/06/16 18:06, Sean A wrote:
> > Hi,
> >
> > I'm working to get r10k to populate modules on our puppet masters. I
> > have this working, but there are some complications with Foreman, I'm
> > seeking input on.
> >
> > We make use of /etc/puppet/environments/common as part of the
> > basemodulepath, this is setup from the Foreman Installer, and part of
> > the puppet.conf template as far as I can tell. I have r10k setup to
> > manage this directory as well, but it wants to make
> > /etc/puppet/environments/common/modules and place any modules in the
> > Puppetfile there. This creates two stumbles for me...
> >
> > 1. Is there a way to easily override the Foreman-Installer's
> > puppet.conf template? ...so I can change the basemodulepath according
> > to my needs at install, and not have it wiped out if foreman-installer
> > is run again?
>
> You could try setting --puppet-server-common-modules-path, which I think
> is by default set to an array of the common dir, /etc/puppet/modules and
> /usr/share/puppet/modules (see/grep its entry in foreman-installer
> --full-help or the answers file to check). To set an array with the
> installer, pass the argument once for each entry.
>
> > 2. Importing the environments and modules always involves ignoring the
> > "common" environment. Is there a way to get Foreman to always ignore
> > this environment?
>
> You can list ignored environments in
> /usr/share/foreman/config/ignored_environments.yml (copy the sample
> file) with:
>
> :ignored:
> - common
>
> --
> Dominic Cleal
> dom...@cleal.org
>
Foreman only reads it from ~foreman/config/, it would need to be fixed
in packaging with a symlink or similar.
···
On 15/06/16 15:51, Sean A wrote:
> Thank you Dominic! Both suggestions work as expected.
>
> A quick question on the ignored_environments file... Can it live in
> /etc/foreman instead of /usr/share/foreman/config? Just my opinion, but
> /usr/share seems to be an odd place to have an user created config file.
So, on a side note to the idea of
passing --puppet-server-common-modules-path arguments on the
foreman-installer command line…In my initial response indicating success,
I had simply modified the foreman-answers.yaml file accordingly and re-run
the installer. If running for the first time, however, the installer
results with errors.
It's the typical thing that Puppet can not mkdir -p when creating directory
resources. So since there was no /etc/puppet/environments/common
directory, foreman-installer has puppet errors
when --puppet-server-common-modules-path=/etc/puppet/environments/common/modules
set. I'm hesitant to say this is a bug in the installer, but it will occur
anytime someone adds an arbitrary path with a non-existent parent using
this parameter.
My goal here is use puppet to manage the answers file as a template and
exec foreman-installer on refresh notification. I guess I'll have to setup
/etc/puppet/environments/common as a file resource before running the
installer the first time to avoid this issue.
···
On Wednesday, June 15, 2016 at 3:11:16 AM UTC-4, Dominic Cleal wrote:
>
> On 14/06/16 18:06, Sean A wrote:
> > Hi,
> >
> > I'm working to get r10k to populate modules on our puppet masters. I
> > have this working, but there are some complications with Foreman, I'm
> > seeking input on.
> >
> > We make use of /etc/puppet/environments/common as part of the
> > basemodulepath, this is setup from the Foreman Installer, and part of
> > the puppet.conf template as far as I can tell. I have r10k setup to
> > manage this directory as well, but it wants to make
> > /etc/puppet/environments/common/modules and place any modules in the
> > Puppetfile there. This creates two stumbles for me...
> >
> > 1. Is there a way to easily override the Foreman-Installer's
> > puppet.conf template? ...so I can change the basemodulepath according
> > to my needs at install, and not have it wiped out if foreman-installer
> > is run again?
>
> You could try setting --puppet-server-common-modules-path, which I think
> is by default set to an array of the common dir, /etc/puppet/modules and
> /usr/share/puppet/modules (see/grep its entry in foreman-installer
> --full-help or the answers file to check). To set an array with the
> installer, pass the argument once for each entry.
>
> > 2. Importing the environments and modules always involves ignoring the
> > "common" environment. Is there a way to get Foreman to always ignore
> > this environment?
>
> You can list ignored environments in
> /usr/share/foreman/config/ignored_environments.yml (copy the sample
> file) with:
>
> :ignored:
> - common
>
> --
> Dominic Cleal
> dom...@cleal.org
>
Fair enough, and makes sense from the homedir perspective.
···
On Wednesday, June 15, 2016 at 10:52:37 AM UTC-4, Dominic Cleal wrote:
>
> On 15/06/16 15:51, Sean A wrote:
> > Thank you Dominic! Both suggestions work as expected.
> >
> > A quick question on the ignored_environments file... Can it live in
> > /etc/foreman instead of /usr/share/foreman/config? Just my opinion, but
> > /usr/share seems to be an odd place to have an user created config file.
>
> Foreman only reads it from ~foreman/config/, it would need to be fixed
> in packaging with a symlink or similar.
>
> --
> Dominic Cleal
> dom...@cleal.org
>
I have a slightly different angle to this problem. Just like above, I have
a "common" environment, which is default one for all of the hosts that are
NOT in any other env, and some directory-based ones. However, what I'd like
to do with common modules is to share between "common" environment and
any other environment. Basically, I'd have a hostgroup called "common" in
each of the environments with classes from common modules that I'd use as
my parent HG for every other HG:
default environment - common
default hostgroup - common (with modules/classes imported from
/etc/puppet/environment/common)
"normal" environment, say "production"
"common" hostgroup with the same modules from
/etc/puppet/environment/common
other HGs using common HG as its parent
However, when Foreman imports puppet classes, it only associates those
classes with a single environment, so it seems that common cannot be shared
on Foreman level?
On puppet level this should be just fine as Foreman installer puts a proper
base path for me:
From Foreman/ENC point of view that should be fine as well - common modules
would get the same params regardless of the environment a particular
machine is in.
