Last active
January 5, 2018 05:21
-
-
Save natemccurdy/63a3ca243f132a050cc555fdc2255f88 to your computer and use it in GitHub Desktop.
Puppet class to synchronize pe_repo packages to off-line compile masters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This class is meant to solve the problem of synchronizing pe_repo agent | |
# packages to compile masters when there is no internet access. | |
# | |
# This profile assumes that the Puppet MoM (master of masters) is able to reach | |
# the internet to download the needed packages, or they've been sneaker-netted to the MoM. | |
# | |
class pe_repo_packages { | |
# Generate an array of puppet-agent pe_repo package names. | |
# 1. Searches PuppetDB for all pe_repo::platform classess added to the MoM. | |
# 2. Maps the name of each found class to the package name it creates. This is gnarly. | |
# | |
# Converts pe_repo::platform::el_7_x86_64 into ['puppet-agent-el-7-x86_64.tar.gz'] | |
# | |
$pql_query = "resources[title]{type = 'Class' and certname = '${::servername}' and title ~ 'Pe_repo::Platform'}" | |
$packages = puppetdb_query($pql_query).map | Hash $class | { | |
$platform_name = $class['title'].split('::')[2].downcase | |
# Special case for Windows because our naming convention is different. ¯\_(ツ)_/¯ | |
$platform_name ? { | |
/^windows/ => "puppet-agent-${platform_name.split('_')[1]}.msi", | |
default => "puppet-agent-${platform_name.regsubst('^(\w+)_(\d+)_(x86_64|\w+)$', '\1-\2-\3')}.tar.gz", | |
} | |
} | |
# MoM gets some symlinks setup. | |
if $::servername == $facts['networking']['fqdn'] { | |
# Symlink the pe-repo staging directory to Puppetserver's Nginx webshare | |
# This makes the packages available at: | |
# https://<MOM_FQDN>:8140/packages/current/pe_repo-puppet-agent | |
file { '/opt/puppetlabs/server/data/packages/public/current/pe_repo-puppet-agent': | |
ensure => link, | |
target => "/opt/puppetlabs/server/data/staging/pe_repo-puppet-agent-${facts['aio_agent_version']}", | |
} | |
# Create a symlink for the Windows agent installer. | |
# This package isn't a tarball, so pe_repo doesn't put it in the staging directory. | |
file { '/opt/puppetlabs/server/data/packages/public/current/pe_repo-puppet-agent/puppet-agent-x64.msi': | |
ensure => link, | |
target => '/opt/puppetlabs/server/data/packages/public/current/windows-x86_64/puppet-agent-x64.msi', | |
} | |
# Compile Master's fetch the packages from the MoM's symlinked web-share. | |
} else { | |
$packages.each |$package| { | |
# Windows packages don't go in staging as they aren't tarballs. | |
if $package =~ /msi$/ { | |
archive { "/opt/puppetlabs/server/data/packages/public/${::pe_server_version}/windows-x86_64/${package}": | |
ensure => present, | |
source => "https://${::servername}:8140/packages/current/pe_repo-puppet-agent/${package}", | |
allow_insecure => true, | |
extract => false, | |
cleanup => false, | |
before => Pe_staging::File[$package], | |
require => Class['pe_repo'], | |
} | |
} else { | |
archive { "/opt/puppetlabs/server/data/staging/pe_repo-puppet-agent-${facts['aio_agent_version']}/${package}": | |
ensure => present, | |
source => "https://${::servername}:8140/packages/current/pe_repo-puppet-agent/${package}", | |
allow_insecure => true, | |
extract => false, | |
cleanup => false, | |
before => Pe_staging::Deploy[$package], | |
require => Class['pe_repo'], | |
} | |
} | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is the most beautiful hack I've ever seen. I'm not sure if it's because I stumbled upon it while trying to do exactly this, or if it's because of how crazy that mapping is. Regardless, I'm a fan