Feature #11834: Migrate our infrastructure to Puppet 4
Stop stringifying Puppet facts
That's one of the steps of the migration to Puppet 4: https://docs.puppet.com/puppet/4.5/reference/upgrade_major_pre.html#stop-stringifying-facts-and-check-for-breakage
#7 Updated by intrigeri almost 2 years ago
I've verified that Puppet 4 indeed dropped the
It might be that this problem is caused by using storedconfigs with ActiveRecord +
thin_storeconfigs, which is deprecated: on a system of mine, that has storeconfigs disabled, and uses lots of the same modules as Tails' infra, I don't see this problem. It might be that moving to PuppetDB will fix it, but I'm not too hopeful.
The Puppet doc says "This should only affect you if you have custom facts that naïvely return something other than a string (a bool, an array…) and you also have regexes or templates that don’t expect structured facts and rely on that implicit coercion to string" so perhaps a template or manifest of ours does something wrong.
Next debugging step is to set up a testing environment (e.g. using a Puppet environment) that has no module nor custom template at all, have a node use it, and then:
- either an empty node definition exposes the problem: then the problem is probably caused by lower level bit of our config, most likely using
thin_storeconfigswith an ActiveRecord backend; and then we'll need to switch to PuppetDB in order to fix that (either at the same time as we upgrade to Puppet 4, or earlier but we'll need PuppetDB 2.x since 3.x requires a Puppet 4 master);
- or, an empty node definition works: and then we can incrementally add our modules and custom code/templates until the culprit is identified, and then we can fix it, and disable
stringify_factson all our systems.
- Status changed from In Progress to Resolved
- % Done changed from 50 to 100
Fixed regressions, everything seems to be fine including exported resources (tested by empty'ing
/etc/ssh/ssh_known_hosts on a system and then a Puppet run re-adds all other systems' SSH public host keys).
I don't think there's anything to review here as I did not have to do anything special other than setting
stringify_facts = false in every
puppet.conf: apparently the Puppet modules upgrade rounds I did a couple months ago (#15154 + #11834#note-17) fixed the issue I had identified last year on this ticket :)