Puppet Class: puppet::agent

Defined in:
modules/puppet/manifests/agent.pp

Summary

install and configure puppet agent

Overview

Parameters:

  • ca_server (Optional[String[1]]) (defaults to: undef)

    the ca server

  • server (Stdlib::Host) (defaults to: 'puppet')

    the puppet server

  • use_srv_records (Boolean) (defaults to: false)

    if true use SRV records to resolve the puppet server and ca server

  • srv_domain (Optional[Stdlib::Fqdn]) (defaults to: undef)

    the domain to use when resolving SRV records. puppet will look for records al _x-puppet._tcp.$srv_domain and _x-puppet-ca._tcp.$srv_domain. if no value is provided a value will be calculated based on the $::site variable

  • certname (Optional[String[1]]) (defaults to: undef)

    the agent certname

  • dns_alt_names (Array[Stdlib::Fqdn]) (defaults to: [])

    a list of dns alt names

  • environment (Optional[String[1]]) (defaults to: undef)

    the agent environment

  • serialization_format (Enum['pson', 'json', 'msgpack']) (defaults to: 'json')

    the serilasation format of catalogs

  • certificate_revocation (Optional[Enum['chain', 'leaf', 'false']]) (defaults to: undef)

    The level of certificate revocation to perform

  • facts_soft_limit (Optional[Integer]) (defaults to: 2048) 


13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
 
# File 'modules/puppet/manifests/agent.pp', line 13

class puppet::agent (
    Optional[String[1]]                      $ca_server              = undef,
    Stdlib::Host                             $server                 = 'puppet',
    Boolean                                  $use_srv_records        = false,
    Optional[Stdlib::Fqdn]                   $srv_domain             = undef,
    Optional[String[1]]                      $certname               = undef,
    Array[Stdlib::Fqdn]                      $dns_alt_names          = [],
    Optional[String[1]]                      $environment            = undef,
    Optional[Integer]                        $facts_soft_limit       = 2048,
    Enum['pson', 'json', 'msgpack']          $serialization_format   = 'json',
    Optional[Enum['chain', 'leaf', 'false']] $certificate_revocation = undef,
) {
    if $use_srv_records and !$srv_domain {
        fail('You must set $srv_domain when using $use_srv_records')
    }
    # augparse is required to resolve the augeasversion in facter3
    # facter needs virt-what for proper "virtual"/"is_virtual" resolution
    # TODO: use puppet-agent package name when everything is on puppet7
    # puppet is a transition package
    ensure_packages(['puppet', 'facter', 'augeas-tools', 'virt-what'])

    # these where moved out of core in puppet6
    ensure_packages(['puppet-module-puppetlabs-augeas-core'])

    file { '/etc/facter':
        ensure => directory,
        mode   => '0555',
    }

    file { '/etc/facter/facter.conf':
        ensure => 'file',
        mode   => '0444',
        source => 'puppet:///modules/puppet/facter.conf',
    }

    file { '/etc/puppetlabs':
        ensure  => absent,
        force   => true,
        recurse => true,
        mode    => '0555',
    }

    concat { '/etc/puppet/puppet.conf':
        owner => 'root',
        group => 'root',
        mode  => '0444',
    }

    concat::fragment { 'main':
        target  => '/etc/puppet/puppet.conf',
        order   => '10',
        content => template('puppet/main.conf.erb'),
    }

    ## do not use puppet agent, use a cron-based puppet-run instead
    service { 'puppet':
        ensure => stopped,
        enable => false,
    }
}