Preinstalled Puppet version

Problem: Current Foreman setup installs Puppet from Ubuntu repos (depending on Ubuntu version it is Puppet version <= 5.5.6) by default after the OS is installed.

Expected outcome: Since we want to use newer Puppet versions it is required to add the Puppet5 (or later 6) repo to be able to install >= 5.5.7 while installing a host.

Foreman and Proxy versions: 1.21

Question: How can I change Foremans workflow (stop installing package puppet from Ubuntu repo) and add the official Puppet repo to install puppet-agent instead?
Can somebody point me in the right direction?

Can you clarify what you’re trying to install? If you mean to use foreman-installer then it should automatically use (and prefer) puppet-agent when it’s available. Just adding the repository + apt update should suffice.

And if you mean during provisioning, there are parameters like enable-puppetlabs-puppet5-repo you can set to get a specific repository enabled and Puppet version installed. Just have a look into the header of the provisioning templates used for all parameters used by the template.

I want to install a specific version of puppet-agent. Currently the package puppet is being installed in every installation. And it is taken from the official Ubuntu repositories. But this version is too old.
So in my understanding I have to add the official Puppet repo in a template and have to install the package puppet-agent instead of puppet.

In the provisioning template that is used in the operating system Ubuntu Bionic is no entry like enable-puppetlabs-puppet5-repo. But there is a separate template called puppetlabs_repo

Do I have to port that into my used template?

I forgot that for Preseed it is included in the finish template instead of provisioning because of Preseed not being able to include a script directly. So no need to port it, it is the same parameter only a small difference in the way it is used.

That’s the finish template the OS is using:

kind: finish
name: Preseed default finish
model: ProvisioningTemplate
- Debian
- Ubuntu
  # safemode renderer does not support unary negation
  pm_set = @host.puppetmaster.empty? ? false : true
  puppet_enabled = pm_set || host_param_true?('force-puppet')
  salt_enabled = host_param('salt_master') ? true : false
  chef_enabled = @host.respond_to?(:chef_proxy) && @host.chef_proxy

<% subnet = @host.subnet -%>
<% if subnet.respond_to?(:dhcp_boot_mode?) -%>
<% dhcp = subnet.dhcp_boot_mode? && !@static -%>
<% else -%>
<% dhcp = !@static -%>
<% end -%>
<% unless dhcp -%>
# host and domain name need setting as these values may have come from dhcp if pxe booting
/bin/sed -i "s/^search.*$/search <%= @host.domain %>/g" /etc/resolv.conf
/bin/sed -i "s/.*dns-search.*/\tdns-search <%= @host.domain %>/g" /etc/network/interfaces
/bin/sed -i "s/^<%= @host.ip %>.*/<%= @host.ip %>\t<%= @host.shortname %>.<%= @host.domain %>\t<%= @host.shortname %>/g" /etc/hosts
/bin/echo <%= @host.shortname %> > /etc/hostname
/bin/hostname  <%= @host.shortname %>.<%= @host.domain %>
<% end -%>

<% if host_enc['parameters']['realm'] && @host.realm && @host.realm.realm_type == 'FreeIPA' -%>
<%= snippet 'freeipa_register' %>
<% end -%>

<%= snippet('remote_execution_ssh_keys') %>

<%= snippet "blacklist_kernel_modules" %>

<% if chef_enabled %>
<%= snippet 'chef_client' %>
<% end -%>

<% if puppet_enabled %>
<% if host_param_true?('enable-puppetlabs-pc1-repo') || host_param_true?('enable-puppetlabs-repo') || host_param_true?('enable-puppetlabs-puppet5-repo') -%>
<%= snippet 'puppetlabs_repo' %>
<% end -%>
<%= snippet 'puppet_setup' %>
<% end -%>

<% if salt_enabled %>
<%= snippet 'saltstack_setup' %>
<% end -%>

<%= snippet 'preseed_networking_setup' %>
<%= snippet 'built' %>

This block

<% if puppet_enabled %>
<% if host_param_true?('enable-puppetlabs-pc1-repo') || host_param_true?('enable-puppetlabs-repo') || host_param_true?('enable-puppetlabs-puppet5-repo') -%>

seems to be the important part. Not sure what I have to change there, but could it be possible that both conditions don’t come true for $reasons? Or maybe I have to remove the first two host_param_true conditions to make sure puppet5 repo will be used?

You only have to add enable-puppetlabs-puppet5-repo as a parameter of type boolean with value true. I prefer adding it on the operating system, but you can also add it as global parameter or host depending on granularity needed.

It works perfectly! Thanks a lot!