Puppet Class: puppetmaster::scripts

Defined in:
modules/puppetmaster/manifests/scripts.pp

Overview

Class: puppetmaster::scripts

This class installs some puppetmaster server side scripts required for the manifests

Parameters

keep_reports_minutes

Number of minutes to keep older reports for before deleting them. The cron to remove these is run only every 8 hours, however, to prevent excess load on the prod puppetmasters.

Parameters:

  • keep_reports_minutes (Integer) (defaults to: 960)
  • has_puppetdb (Boolean) (defaults to: true)
  • ca_server (Stdlib::Host) (defaults to: $facts['fqdn']) 


12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
 
# File 'modules/puppetmaster/manifests/scripts.pp', line 12

class puppetmaster::scripts(
    Integer      $keep_reports_minutes = 960, # 16 hours
    Boolean      $has_puppetdb         = true,
    Stdlib::Host $ca_server            = $facts['fqdn'],
) {
    $servers = hiera('puppetmaster::servers', {})
    $masters = $servers.keys().filter |$server| { $server != $facts['fqdn'] }
    $workers = $servers.values().map |$worker| {
        $worker.map |$name| { $name['worker'] }.filter |$name| { $name != $facts['fqdn'] }
    }.flatten()
    $puppet_merge_conf = @("CONF")
    # Generated by Puppet
    MASTERS="${masters.join(' ')}"
    WORKERS="${workers.join(' ')}"
    CA_SERVER="${ca_server}"
    | CONF

    file{'/etc/puppet-merge.conf':
        ensure  => file,
        owner   => 'root',
        group   => 'root',
        mode    => '0555',
        content => $puppet_merge_conf,
    }

    file{'/usr/local/bin/puppet-merge':
        ensure => present,
        owner  => 'root',
        group  => 'root',
        mode   => '0555',
        source => 'puppet:///modules/puppetmaster/puppet-merge.sh',
    }
    file{'/usr/local/bin/puppet-merge.py':
        ensure => present,
        owner  => 'root',
        group  => 'root',
        mode   => '0555',
        source => 'puppet:///modules/puppetmaster/puppet-merge.py',
    }

    # export and sanitize facts for puppet compiler
    require_package('python3-requests', 'python3-yaml')
    file {'/usr/local/bin/puppet-facts-export-puppetdb':
        ensure => present,
        owner  => 'root',
        group  => 'root',
        mode   => '0555',
        source => 'puppet:///modules/puppetmaster/puppet-facts-export-puppetdb.py',
    }

    # this performs the same task as puppet-facts-export but can
    #  run on a host without puppetdb.  This is useful because
    #  the cloud puppetmasters don't use puppetdb to preserve
    #  tenant separation
    file {'/usr/local/bin/puppet-facts-export-nodb':
        ensure => present,
        owner  => 'root',
        group  => 'root',
        mode   => '0555',
        source => 'puppet:///modules/puppetmaster/puppet-facts-export-nodb.sh',
    }

    # Link to the appropriate fact exporter, as appropriate
    #  depending on the presence of puppetdb
    $puppet_facts_export = $has_puppetdb ? {
        false   => '/usr/local/bin/puppet-facts-export-nodb',
        default => '/usr/local/bin/puppet-facts-export-puppetdb',
    }
    file { '/usr/local/bin/puppet-facts-export':
        ensure => link,
        target => $puppet_facts_export
    }

    # Clear out older reports
    cron { 'removeoldreports':
        ensure  => present,
        command => "find /var/lib/puppet/reports -type f -mmin +${keep_reports_minutes} -delete >/dev/null 2>&1",
        user    => puppet,
        hour    => [0, 8, 16], # Run every 8 hours, to prevent excess load
        minute  => 27, # Run at a time when hopefully no other cron jobs are
    }
}