Chapter 3. Upgrading Puppet
Red Hat Satellite 6.3 uses Puppet 3 by default, but you can also upgrade to Puppet 4. Satellite 6.4 will support only Puppet 5. The migration path for Puppet 5 supports only Puppet 4 to Puppet 5 migrations. Therefore if you are using a version of Puppet prior to version 4, you must upgrade to Puppet 4 prior to upgrading to Satellite 6.4. Satellite 6.3 includes an upgrade path to Puppet 4, and Red Hat recommends you do it now to prepare for your next upgrade. This chapter describes the process of upgrading to Puppet 4.
3.1. Upgrade Path
Before upgrading to Puppet 4, you must first review your Puppet modules, and make changes, to ensure they are compatible with Puppet 4 before upgrading Puppet. For example, if the client has blank configuration values after running the Puppet agent, updating Puppet modules is indicated.
Red Hat Satellite and Capsules do not have to be upgraded to Puppet 4 at the same time. You have the flexibility to upgrade Capsules depending on your progress with testing and upgrading Puppet modules. An alternative is to install new Capsules and move hosts to them after testing. You can use Satellite web UI, the Hammer CLI, or the bootstrap
script to move hosts from a Puppet 3 Capsule to a Puppet 4 Capsule.
Cloning an existing Capsule to use for final testing of upgraded Puppet modules is also recommended. Cloning an existing Capsule can take a long time depending on the size of the repositories.
You must install the Puppet 4 agent on the hosts for full functionally, but hosts must not be upgraded to Puppet 4 agent before their Capsule is upgraded to Puppet 4. For more information about installing Puppet agent, see Installing the Puppet Agent.
Using Parameters to Determine Puppet Versions
You can configure Satellite to install the Puppet 4 agent instead of the Puppet 3 agent during host provisioning. The Kickstart template file has the parameter enable-puppet4; if set to true
, the provisioning template installs the Puppet 4 agent and configures puppet.conf
in the /etc/puppetlabs/puppet/
directory. If the parameter is not defined, Puppet 3 agent is installed.
To enforce Puppet 4 for hosts, create a parameter at the host group level with name enable-puppet4 and set its value to true
.
- In the web UI, navigate to Configure > Host Groups and select the name of the host group you want to configure.
- Click the Parameters tab, and in the Host Group Parameters area, click Add Parameter.
-
In the Name field, enter
enable-puppet4
and in the Value field, entertrue
. - Click Submit to save the changes.
3.2. Testing Puppet Modules
Use the following guidelines to test your Puppet modules before you begin upgrading:
- Test Puppet modules first on a workstation, separate from Satellite.
-
Check the command syntax using the
puppet parser validate
command. -
Configure the Satellite Capsules running Puppet 3 to use the future parser and test again. To enable this feature, run the Satellite installer with the option
--puppet-server-parser future
.
The future parser in Puppet 3.8 enables functionality identical to the Puppet language used in Puppet 4.0. After enabling it, check the logs in /var/log/puppet/
for errors. If you find errors, correct them and test again. See the Puppet 3.8 Reference Manual for information on the future parser.
3.3. Performing the Upgrade
Use this section to upgrade a Satellite or Capsule to Puppet 4. For a new installation, see the Red Hat Satellite Installation Guide.
Before You Begin
- Ensure you complete the upgrade to Satellite 6.3.
- Review your Puppet modules and upgrade where required to Puppet 4.
- Ensure all hosts connected to the system that you want to upgrade have the latest Puppet 3 agent and not version 4. You must not upgrade hosts to Puppet 4 agent before their Capsule. The Satellite tools repository supplies the Puppet package. See Section 2.7.2, “Upgrading Satellite Clients” for more information.
- Create a backup or a snapshot of your system. For more information, see Backing Up and Restoring Satellite Server and Capsule Server in Administering Red Hat Satellite.
Upgrading Satellite or Capsule To Puppet 4
Enable the Puppet 4 repository:
On a Satellite:
# subscription-manager repos \ --enable=rhel-7-server-satellite-6.3-puppet4-rpms
On a Capsule:
# subscription-manager repos \ --enable=rhel-7-server-satellite-capsule-6.3-puppet4-rpms
Upgrade Puppet:
# satellite-installer --upgrade-puppet
Before You Begin
- Ensure the Puppet 4 repositories for your hosts are enabled in Satellite Server.
- Ensure your hosts associated Content Views have been updated to include the Puppet 4 agent.
The Puppet repositories for upgrading a host are Red Hat release and platform dependent, and sometimes also architecture dependent.
The Puppet 4 repositories take the following form for desktop, server, and workstation:
rhel-X-platform-satellite-tools-6.3-puppet4-rpms
Where X is the major release version, and platform is
desktop
,server
, orworkstation
.The Puppet 4 repositories take the following form for alternative architectures:
rhel-X-for-architecture-satellite-tools-6.3-puppet4-rpms
Where X is the major release version, and architecture is for example
arm
,power
,hpc-node
, orsystem-z
. Some repositories are for subscriptions with extended support. For example, Extended Update Support (EUS) is indicated byeus
after the architecture.For more information about types of extended support, see the Red Hat Knowledgebase article Red Hat Enterprise Linux - Top Support Policies.
On the content host, search for the Puppet 4 RPM repository:
# subscription-manager repos |grep puppet4
Enable the Puppet 4 repository suitable for the host, for example:
# subscription-manager repos \ --enable=rhel-7-server-satellite-tools-6.3-puppet4-rpms
Update all packages:
# yum update
Until Red Hat bug Bug 1517624 has been resolved, perform these additional steps:
# cp -rp /var/lib/puppet/ssl /etc/puppetlabs/puppet/ # cp /etc/puppet/puppet.conf.rpmsave /etc/puppetlabs/puppet/puppet.conf # sed -i 's|/var/lib/puppet|/opt/puppetlabs/puppet/cache|' /etc/puppetlabs/puppet/puppet.conf # sed -i 's|/var/log/puppet|/var/log/puppetlabs/puppet|' /etc/puppetlabs/puppet/puppet.conf # sed -i 's|/var/run/puppet|/var/run/puppetlabs|' /etc/puppetlabs/puppet/puppet.conf # sed -i 's|$vardir/ssl|/etc/puppetlabs/puppet/ssl|' /etc/puppetlabs/puppet/puppet.conf
Post Upgrade Tasks
When you upgrade to Puppet 4, Puppet Server cannot function if the noexec
bit is set on the temporary mount point that Java uses.
Complete the following steps to ensure that the puppetserver
service can start correctly:
Open the
/etc/sysconfig/puppetserver
file for editing:# vi /etc/sysconfig/puppetserver
In the
/etc/sysconfig/puppetserver
file, changeJAVA_ARGS="-Xms2G -Xmx2G -XX:MaxPermSize=256m"
to the following:JAVA_ARGS="-Xms2G -Xmx2G -XX:MaxPermSize=256m -Djava.io.tmpdir=/var/tmp"
You can set the variable
/var/tmp
to the directory you prefer.Open the
/etc/foreman-installer/custom-hiera.yaml
for editing:# vi /etc/foreman-installer/custom-hiera.yaml
In the
/etc/foreman-installer/custom-hiera.yaml
file, add the following line to make your changes persistent acrosssatellite-installer
executions:puppet::server_jvm_extra_args: '-XX:MaxPermSize=256m -Djava.io.tmpdir=/var/tmp'
You can set the variable
/var/tmp
to the directory you prefer.Restart the
puppetserver
service:# systemctl restart puppetserver
Verify that the
puppetserver
service is running:# systemctl status puppetserver