Project

General

Profile

Feature #11836

Feature #11834: Migrate our infrastructure to Puppet 4

Stop stringifying Puppet facts

Added by intrigeri almost 2 years ago. Updated 4 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Infrastructure
Target version:
Start date:
09/24/2016
Due date:
% Done:

100%

QA Check:
Feature Branch:
Type of work:
Sysadmin
Blueprint:
Starter:
Affected tool:


Related issues

Blocks Tails - Feature #11837: Upgrade Puppet master to Puppet 4 Resolved 09/24/2016
Blocked by Tails - Feature #11835: Upgrade Puppet master and clients to 3.8 Resolved 09/24/2016
Blocks Tails - Feature #13284: Core work 2017Q2→2019Q1: Sysadmin (Adapt our infrastructure) Confirmed 06/30/2017
Blocks Tails - Feature #11833: Make our Puppet code compatible with the "future" parser Resolved 09/24/2016

History

#1 Updated by intrigeri almost 2 years ago

  • Parent task set to #11834

#2 Updated by intrigeri almost 2 years ago

#3 Updated by intrigeri almost 2 years ago

  • Blocked by Feature #11835: Upgrade Puppet master and clients to 3.8 added

#4 Updated by intrigeri almost 2 years ago

  • Assignee set to intrigeri
  • Target version set to Tails_2.7

I'll try to do that during this dev cycle, we'll see how time-consuming a task it really is.

#5 Updated by intrigeri almost 2 years ago

  • Status changed from Confirmed to In Progress
  • % Done changed from 0 to 10

Applied, this breaks stuff with "can't cast Hash to text". Will investigate.

#6 Updated by intrigeri almost 2 years ago

Reverted. Emptying a node definition is not enough to fix the problem.

#7 Updated by intrigeri almost 2 years ago

I've verified that Puppet 4 indeed dropped the stringify_facts option.

It might be that this problem is caused by using storedconfigs with ActiveRecord + thin_storeconfigs, which is deprecated: on a system of mine, that has storeconfigs disabled, and uses lots of the same modules as Tails' infra, I don't see this problem. It might be that moving to PuppetDB will fix it, but I'm not too hopeful.

The Puppet doc says "This should only affect you if you have custom facts that naïvely return something other than a string (a bool, an array…) and you also have regexes or templates that don’t expect structured facts and rely on that implicit coercion to string" so perhaps a template or manifest of ours does something wrong.

Next debugging step is to set up a testing environment (e.g. using a Puppet environment) that has no module nor custom template at all, have a node use it, and then:

  • either an empty node definition exposes the problem: then the problem is probably caused by lower level bit of our config, most likely using storeconfigs + thin_storeconfigs with an ActiveRecord backend; and then we'll need to switch to PuppetDB in order to fix that (either at the same time as we upgrade to Puppet 4, or earlier but we'll need PuppetDB 2.x since 3.x requires a Puppet 4 master);
  • or, an empty node definition works: and then we can incrementally add our modules and custom code/templates until the culprit is identified, and then we can fix it, and disable stringify_facts on all our systems.

#8 Updated by intrigeri over 1 year ago

  • Target version changed from Tails_2.7 to 284

Best case I'll work on this around December 17-20.

#9 Updated by anonym over 1 year ago

  • Target version changed from 284 to Tails 2.10

#10 Updated by intrigeri over 1 year ago

  • Target version changed from Tails 2.10 to Tails_2.11

#11 Updated by intrigeri over 1 year ago

  • Target version changed from Tails_2.11 to Tails_3.1

Best case I'll work on this in June-July.

#12 Updated by intrigeri about 1 year ago

  • Target version changed from Tails_3.1 to Tails_3.2

#13 Updated by intrigeri about 1 year ago

  • Target version changed from Tails_3.2 to Tails_3.5

I would like to tackle our yearly hardware upgrade before starting seriously working on Puppet 4.

#14 Updated by intrigeri 6 months ago

  • Blocks Feature #13284: Core work 2017Q2→2019Q1: Sysadmin (Adapt our infrastructure) added

#15 Updated by intrigeri 6 months ago

  • Target version changed from Tails_3.5 to Tails_3.6

(See the parent ticket for the big picture & planning info.)

#16 Updated by intrigeri 5 months ago

  • Target version changed from Tails_3.6 to Tails_3.7

#17 Updated by intrigeri 4 months ago

  • Blocks Feature #11833: Make our Puppet code compatible with the "future" parser added

#18 Updated by intrigeri 4 months ago

  • % Done changed from 10 to 50

Deployed on all systems, seems to work fine. Next step: check that exported resources still work.

#19 Updated by intrigeri 4 months ago

  • Status changed from In Progress to Resolved
  • % Done changed from 50 to 100

Fixed regressions, everything seems to be fine including exported resources (tested by empty'ing /etc/ssh/ssh_known_hosts on a system and then a Puppet run re-adds all other systems' SSH public host keys).

I don't think there's anything to review here as I did not have to do anything special other than setting stringify_facts = false in every puppet.conf: apparently the Puppet modules upgrade rounds I did a couple months ago (#15154 + #11834#note-17) fixed the issue I had identified last year on this ticket :)

Also available in: Atom PDF