(PE-37233-35) Official support of Add compiler plan (#485)

CoMfUcIoS · Jo-Lillie · ragingra · web-flow · commit 68329f04628a · 2024-09-12T13:28:51.000+01:00
* (PE-37236) Remove experimental status of add_compiler (#428) * (PE-37233) Adding add_compiler to test matrix (#434) Updated add_compiler spec to check compiler has been added and puppet run before running add compiler Added test matrix for add compiler * (PE-38814) add_compiler - Making primary_postgresql_host and avail_group_letter optional (#468) * (PE-38814) add_compiler - Making primary_postgresql_host and avail_group_letter optional primary_postgresql_host, if not provided will be determined through get_peadm_config avail_group_letter, is defaulting to A * Updating spec tests for add compiler Removing optional from avail_group_letter as not required with enum default value * Updating reference.md * Fixing linting issues --------- Co-authored-by: Neil Anderson <neil.anderson@perforce.com> * (PE-37235) Verify and update documentation on add_compiler (#429) * PE-37235 Verify and update documentation on add_compiler if needed and its experimental status * @cathal41 PE-37235 Verify and update documentation on add_compiler - wording updates * Update plans/add_compiler.pp Co-authored-by: Dimitri Tischenko <1586813+timidri@users.noreply.github.com> * Update documentation/add_compiler.md Co-authored-by: Dimitri Tischenko <1586813+timidri@users.noreply.github.com> * Update documentation/add_compiler.md Co-authored-by: Dimitri Tischenko <1586813+timidri@users.noreply.github.com> * Update documentation/add_compiler.md Co-authored-by: Dimitri Tischenko <1586813+timidri@users.noreply.github.com> * Update documentation/add_compiler.md Co-authored-by: Dimitri Tischenko <1586813+timidri@users.noreply.github.com> * Update documentation/add_compiler.md Co-authored-by: Dimitri Tischenko <1586813+timidri@users.noreply.github.com> * Updating add compiler docs to show optional params * Updating docs with text corrections --------- Co-authored-by: Dimitri Tischenko <1586813+timidri@users.noreply.github.com> Co-authored-by: Neil Anderson <neil.anderson@perforce.com> * chore(workflows): simplify YAML syntax and improve readability - Removed unnecessary quotes around strings in YAML files. - Consolidated list items to single-line format where applicable. - Ensured consistent naming conventions for job steps. - Improved readability by removing extra blank lines. * fix(workflow): add console_password to test-add-compiler workflows - Added `console_password` parameter to the `test-add-compiler-matrix.yml` and `test-add-compiler.yaml` workflows. - This ensures the console password is passed correctly during the workflow execution. * chore: update test-add-compiler-matrix workflow - Remove centos-7 from the image matrix in test-add-compiler-matrix.yml - Retain only almalinux-cloud/almalinux-8 in the image matrix * feat(workflow): add --stream option to bolt plan run command Added the --stream option to the bolt plan run command in the test-add-compiler GitHub workflow. This change ensures that the output is streamed in real-time. * chore(workflow): update compiler versions in test-add-compiler-matrix.yml Updated the compiler versions in the test-add-compiler-matrix.yml GitHub workflow from 2021.7.7 and 2023.6.0 to 2021.7.9 and 2023.8.0. --------- Co-authored-by: Jo Lillie <jo.lillie@puppet.com> Co-authored-by: Neil Anderson <ragingra@users.noreply.github.com> Co-authored-by: Neil Anderson <neil.anderson@perforce.com> Co-authored-by: cathal41 <62099613+cathal41@users.noreply.github.com> Co-authored-by: Dimitri Tischenko <1586813+timidri@users.noreply.github.com>
diff --git a/.github/workflows/test-add-compiler-matrix.yml b/.github/workflows/test-add-compiler-matrix.yml
@@ -0,0 +1,105 @@
+---
+name: Add compiler matrix
+on:
+  pull_request:
+    paths:
+      - .github/workflows/**/*
+      - spec/**/*
+      - lib/**/*
+      - tasks/**/*
+      - functions/**/*
+      - types/**/*
+      - plans/**/*
+      - hiera/**/*
+      - manifests/**/*
+      - templates/**/*
+      - files/**/*
+      - metadata.json
+      - Rakefile
+      - Gemfile
+      - provision.yaml
+      - .rspec
+      - .rubocop.yml
+      - .puppet-lint.rc
+      - .fixtures.yml
+    branches: [main]
+  workflow_dispatch: {}
+jobs:
+  test-add-compiler:
+    name: PE ${{ matrix.version }} ${{ matrix.architecture }} on ${{ matrix.image }}
+    runs-on: ubuntu-20.04
+    env:
+      BOLT_GEM: true
+      BOLT_DISABLE_ANALYTICS: true
+      LANG: en_US.UTF-8
+    strategy:
+      fail-fast: false
+      matrix:
+        architecture: [standard, large, extra-large]
+        version: [2021.7.9, 2023.8.0]
+        image: [almalinux-cloud/almalinux-8]
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v2
+      - name: Activate Ruby 2.7
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: '2.7'
+          bundler-cache: true
+      - name: Print bundle environment
+        if: ${{ github.repository_owner == 'puppetlabs' }}
+        run: |
+          echo ::group::info:bundler
+            bundle env
+          echo ::endgroup::
+      - name: Provision test cluster
+        timeout-minutes: 15
+        run: |
+          echo ::group::prepare
+            mkdir -p $HOME/.ssh
+            echo 'Host *'                      >  $HOME/.ssh/config
+            echo '    ServerAliveInterval 150' >> $HOME/.ssh/config
+            echo '    ServerAliveCountMax 2'   >> $HOME/.ssh/config
+            bundle exec rake spec_prep
+          echo ::endgroup::
+          echo ::group::provision
+            bundle exec bolt plan run peadm_spec::provision_test_cluster \
+              --modulepath spec/fixtures/modules \
+              provider=provision_service \
+              image=${{ matrix.image }} \
+              architecture=${{ matrix.architecture }}-with-extra-compiler
+          echo ::endgroup::
+          echo ::group::info:request
+            cat request.json || true; echo
+          echo ::endgroup::
+          echo ::group::info:inventory
+            sed -e 's/password: .*/password: "[redacted]"/' < spec/fixtures/litmus_inventory.yaml || true
+          echo ::endgroup::
+      - name: Install PE on test cluster
+        timeout-minutes: 120
+        run: |
+          bundle exec bolt plan run peadm_spec::install_test_cluster \
+            --inventoryfile spec/fixtures/litmus_inventory.yaml \
+            --modulepath spec/fixtures/modules \
+            architecture=${{ matrix.architecture }} \
+            console_password=${{ secrets.CONSOLE_PASSWORD }} \
+            version=${{ matrix.version }}
+      - name: Run add_compiler plan
+        timeout-minutes: 50
+        run: |
+          bundle exec bolt plan run peadm_spec::add_compiler -v \
+            --inventoryfile spec/fixtures/litmus_inventory.yaml \
+            --modulepath spec/fixtures/modules \
+            architecture=${{ matrix.architecture }}
+      - name: Tear down test cluster
+        if: ${{ always() }}
+        continue-on-error: true
+        run: |-
+          if [ -f spec/fixtures/litmus_inventory.yaml ]; then
+            echo ::group::tear_down
+              bundle exec rake 'litmus:tear_down'
+            echo ::endgroup::
+            echo ::group::info:request
+              cat request.json || true; echo
+            echo ::endgroup::
+          fi
diff --git a/.github/workflows/test-add-compiler.yaml b/.github/workflows/test-add-compiler.yaml
@@ -53,7 +53,7 @@ jobs:
           echo ::group::info:bundler
             bundle env
           echo ::endgroup::
-      - name: Provision test cluster (specified architecture with added DR)
+      - name: Provision test cluster (specified architecture with added compiler)
         timeout-minutes: 15
         run: |
           echo ::group::prepare
@@ -84,14 +84,15 @@ jobs:
             --modulepath spec/fixtures/modules \
             architecture=${{ matrix.architecture }} \
             version=${{ matrix.version }} \
-            console_password=${{ secrets.CONSOLE_PASSWORD }}
+            console_password=${{ secrets.CONSOLE_PASSWORD }
       - name: Run add_compiler plan
-        timeout-minutes: 30
+        timeout-minutes: 50
         run: |
           bundle exec bolt plan run peadm_spec::add_compiler -v \
             --inventoryfile spec/fixtures/litmus_inventory.yaml \
             --modulepath spec/fixtures/modules \
-            architecture=${{ matrix.architecture }}
+            architecture=${{ matrix.architecture }} \
+            --stream
       - name: Wait as long as the file ${HOME}/pause file is present
         if: ${{ always() && github.event.inputs.ssh-debugging == 'true' }}
         run: |
diff --git a/REFERENCE.md b/REFERENCE.md
@@ -88,6 +88,7 @@
 
 #### Public Plans
 
+* [`peadm::add_compiler`](#peadm--add_compiler): Add a new compiler to a PE architecture or replace an existing one with new configuration.
 * [`peadm::add_database`](#peadm--add_database)
 * [`peadm::backup`](#peadm--backup): Backup puppet primary configuration
 * [`peadm::backup_ca`](#peadm--backup_ca)
@@ -102,7 +103,6 @@
 
 #### Private Plans
 
-* `peadm::add_compiler`: Add a new compiler to a PE architecture or replace an existing one with new configuration.
 * `peadm::add_replica`: Replace a replica host for a Standard or Large architecture.
 Supported use cases:
 1: The existing replica is broken, we have a fresh new VM we want to provision the replica to.
@@ -1555,6 +1555,56 @@ Which port to query the status API on
 
 ## Plans
 
+### <a name="peadm--add_compiler"></a>`peadm::add_compiler`
+
+Add a new compiler to a PE architecture or replace an existing one with new configuration.
+
+#### Parameters
+
+The following parameters are available in the `peadm::add_compiler` plan:
+
+* [`avail_group_letter`](#-peadm--add_compiler--avail_group_letter)
+* [`compiler_host`](#-peadm--add_compiler--compiler_host)
+* [`dns_alt_names`](#-peadm--add_compiler--dns_alt_names)
+* [`primary_host`](#-peadm--add_compiler--primary_host)
+* [`primary_postgresql_host`](#-peadm--add_compiler--primary_postgresql_host)
+
+##### <a name="-peadm--add_compiler--avail_group_letter"></a>`avail_group_letter`
+
+Data type: `Enum['A', 'B']`
+
+_ Either A or B; whichever of the two letter designations the compiler is being assigned to
+
+Default value: `'A'`
+
+##### <a name="-peadm--add_compiler--compiler_host"></a>`compiler_host`
+
+Data type: `Peadm::SingleTargetSpec`
+
+_ The hostname and certname of the new compiler
+
+##### <a name="-peadm--add_compiler--dns_alt_names"></a>`dns_alt_names`
+
+Data type: `Optional[String[1]]`
+
+_ A comma_separated list of DNS alt names for the compiler
+
+Default value: `undef`
+
+##### <a name="-peadm--add_compiler--primary_host"></a>`primary_host`
+
+Data type: `Peadm::SingleTargetSpec`
+
+_ The hostname and certname of the primary Puppet server
+
+##### <a name="-peadm--add_compiler--primary_postgresql_host"></a>`primary_postgresql_host`
+
+Data type: `Optional[Peadm::SingleTargetSpec]`
+
+_ The hostname and certname of the PE-PostgreSQL server with availability group $avail_group_letter
+
+Default value: `undef`
+
 ### <a name="peadm--add_database"></a>`peadm::add_database`
 
 The peadm::add_database class.
diff --git a/documentation/add_compiler.md b/documentation/add_compiler.md
@@ -0,0 +1,64 @@
+# Add Compiler
+
+- [Add Compiler](#Add-Compiler)
+  - [Introduction](#Introduction)
+  - [Add a compiler to an existing PE cluster](#Add-a-compiler-to-an-existing-PE-cluster)
+  - [Running the `add_compiler` plan](#running-the-add_compiler-plan)
+  - [Optional Parameters](#optional-parameters)
+
+
+## Introduction
+
+The `peadm::add_compiler` plan can be used to add a new compiler to a PE cluster or replace an existing one with new configuration.
+
+
+## Add a compiler to an existing PE cluster
+
+As seen in the example below, this is the minimal parameters required to add a compiler to an existing PE cluster. These can be passed as command line variables to the plan, or in this case added to a params.json file. 
+
+```json
+{
+  "compiler_host": "pe-xl-compiler-0.lab1.puppet.vm",
+  "primary_host":  "pe-xl-core-0.lab1.puppet.vm"
+}
+```
+
+## Running the `add_compiler` plan
+```
+bolt plan run peadm::add_compiler --params @params.json 
+```
+
+This command will retrieve the current PEADM configuration to determine the setup rules needed for a compiler's secondary PuppetDB instances. The plan will configure the primary with appropriate rules for allowing access from the new compiler. On the primary, the `puppet` service is stopped and the `pe-postgresql` service is reloaded. If required, a puppet agent will be installed on the new compiler host. The compiler agent's certificate is regenerated to include data required by the  `peadm::subplans::component_install` plan. A subsequent Puppet agent run will happen on the following components.
+* _\<compiler-host\>_
+* _\<primary_postgresql_host\>_
+* _\<replica host\>_
+* _\<primary_postgresql_host\>_
+
+ The `puppet` service is then restarted.
+
+
+## Optional Parameters
+
+As well as `compiler_host` and `primary_host`, the `add_compiler` plan has a number of optional parameters. These can be viewed in the following params example.
+
+```json
+{
+  "avail_group_letter": "B",
+  "compiler_host": "pe-xl-compiler-0.lab1.puppet.vm",
+  "dns_alt_names": [ "puppet", "puppet.lab1.puppet.vm" ],
+  "primary_host":  "pe-xl-core-0.lab1.puppet.vm",
+  "primary_postgresql_host": "pe-psql-6251cd-0.us-west1-a.c.slice-cody.internal"
+}
+```
+
+Please note, the optional parameters and values of the plan are as follows.
+
+<!-- table -->
+| Parameter                | Default value | Description                                      |
+|--------------------------|---------------|--------------------------------------------------|
+| `avail_group_letter`     | `A`           | By default, each compiler will be added to the primary group A.        |
+| `dns_alt_names`          | `undef`       |                                                  |
+| `primary_postgresql_host`| `undef`       | By default, this will pre-populate to the required value depending if your architecture contains HA and or external databases.                                    |
+
+For more information around adding compilers to your infrastructure [Expanding Your Deployment](expanding.md#adding-compilers-with-peadmadd_compiler)
+
diff --git a/documentation/expanding.md b/documentation/expanding.md
@@ -101,21 +101,21 @@ The Standard deployment architecture is the only deployment architecture of the
 
 ### Adding Compilers to Standard and Large without disaster recovery
 
-The command invocation is identical when adding Compilers to a Standard or Large deployment architecture if disaster recovery (DR) is not enabled and a Replica Puppet server has not been provisioned. Take note of the values for `avail_group_letter` and `primary_postgresql_host`, in this **no DR**  scenario, the value of these parameters will always be set to **A** and the FQDN of the Primary Puppet server.
+The command invocation is identical when adding Compilers to a Standard or Large deployment architecture if disaster recovery (DR) is not enabled and a replica Puppet server has not been provisioned. Take note that `avail_group_letter` is not required in this **no DR**  scenario. By default, the value of this parameter is set to **A**.
 
-    bolt plan run peadm::add_compiler primary_host=<primary-server-fqdn> compiler_host=<new-compiler-fqdn> avail_group_letter=A primary_postgresql_host=<primary-server-fqdn>
+    bolt plan run peadm::add_compiler primary_host=<primary-server-fqdn> compiler_host=<new-compiler-fqdn>
 
 ### Adding Compilers to Extra Large without disaster recovery
 
-When adding a Compiler to a deployment which has adopted the Extra Large deployment architecture in a **no DR** scenario, the only difference is that the `primary_postgresql_host` changes to be the value of the Primary PE-PostgreSQL server as opposed to the Primary Puppet server.
+When adding a compiler to a deployment which has adopted the Extra Large deployment architecture in a **no DR** scenario, the only difference is that the `primary_postgresql_host` changes to the value of the primary PE-PostgreSQL server as opposed to the Primary Puppet server.
 
-    bolt plan run peadm::add_compiler primary_host=<primary-server-fqdn> compiler_host=<new-compiler-fqdn> avail_group_letter=A primary_postgresql_host=<primary-postgresql-server-fqdn>
+    bolt plan run peadm::add_compiler primary_host=<primary-server-fqdn> compiler_host=<new-compiler-fqdn>
 
 ### Adding Compilers to Standard and Large when disaster recovery has been enabled
 
-As was described in the section documenting [peadm::add_replica](#enable-disaster-recovery-and-add-a-replica-with-peadmadd_replica), when disaster recovery (DR) is enabled and a Replica provisioned, PEADM creates a second availability group, **B**. You must take this second availability group into consideration when adding new compilers and ensure you are assigning appropriate values for the group the Compiler is targeted for. It is a good idea to keep these two availability groups populated with an equal quantity of Compilers. Besides the value of `avail_group_letter` being dependent on which group the new Compiler is targeted towards, the value of `primary_postgresql_host` will also vary.
+As was described in the section documenting [peadm::add_replica](#enable-disaster-recovery-and-add-a-replica-with-peadmadd_replica), when disaster recovery (DR) is enabled and a Replica provisioned, PEADM creates a second availability group, **B**. You must take this second availability group into consideration when adding new compilers and ensure you are assigning appropriate values for the group the compiler is targeted for. It is a good idea to keep these two availability groups populated with an equal quantity of compilers. Besides the value of `avail_group_letter` being dependent on which group the new compiler is targeted towards, the value of `primary_postgresql_host` will also vary.
 
-The name of the `primary_postgresql_host` parameter can be confusing, it is **NOT** always equal to the Primary Puppet server or Primary PE-PostgreSQL server, it can also be equal to the Replica Puppet server or Replica PE-PostgreSQL server. It should be set to the server which is a member of the Compiler's target availability group. The easiest way to determine this value is to first run the `peadm::get_peadm_config` task and source the value from its output. In the **Example** section the value to use when targeting the **B** group is `pe-server-59ab63-1.us-west1-b.c.slice-cody.internal`. You'll find the value at `role-letter.server.B`.
+The name of the `primary_postgresql_host` parameter can be confusing, it is **NOT** always equal to the Primary Puppet server or Primary PE-PostgreSQL server, it can also be equal to the replica Puppet server or replica PE-PostgreSQL server. It should be set to the server which is a member of the compiler's target availability group. In most cases this will be handled behind the scenes and not be required to be worked out by the user. The easiest way to determine this value is to first run the `peadm::get_peadm_config` task and source the value from its output. In the **Example** section the value to use when targeting the **B** group is `pe-server-59ab63-1.us-west1-b.c.slice-cody.internal`. You'll find the value at `role-letter.server.B`.
 
     bolt plan run peadm::get_peadm_config --targets <primary-server-fqdn> 
     bolt plan run peadm::add_compiler primary_host=<primary-server-fqdn> compiler_host=<new-compiler-fqdn> avail_group_letter=<new-compiler-target-group> primary_postgresql_host=<target-group-server-fqdn>
@@ -161,7 +161,7 @@ The name of the `primary_postgresql_host` parameter can be confusing, it is **NO
     Successful on 1 target: pe-server-59ab63-0.us-west1-a.c.slice-cody.internal
     Ran on 1 target in 2.46 sec
 
-### Adding compilers to Extra Large when disaster recovery has been enabled
+### Adding Compilers to Extra Large when disaster recovery has been enabled
 
 Adding a Compiler to a deployment which has adopted the Extra Large deployment architecture with disaster recovery (DR) enabled is similar to Standard and Large but the value of `primary_postgresql_host` will no longer correspond to the Primary or Replica Puppet server since PuppetDB databases are now hosted externally. In the **Example** section, the value to use when targeting the **A** group is `pe-psql-65e03f-0.us-west1-a.c.slice-cody.internal`. You'll find the value at `role-letter.postgresql.A`.
 
diff --git a/plans/add_compiler.pp b/plans/add_compiler.pp
@@ -1,6 +1,4 @@
-# This plan is in development and currently considered experimental.
-#
-# @api private
+# @api public
 #
 # @summary Add a new compiler to a PE architecture or replace an existing one with new configuration.
 # @param avail_group_letter _ Either A or B; whichever of the two letter designations the compiler is being assigned to
@@ -9,20 +7,41 @@
 # @param primary_host _ The hostname and certname of the primary Puppet server
 # @param primary_postgresql_host _ The hostname and certname of the PE-PostgreSQL server with availability group $avail_group_letter
 plan peadm::add_compiler(
-  Enum['A', 'B'] $avail_group_letter,
+  Enum['A', 'B'] $avail_group_letter = 'A' ,
   Optional[String[1]] $dns_alt_names = undef,
   Peadm::SingleTargetSpec $compiler_host,
   Peadm::SingleTargetSpec $primary_host,
-  Peadm::SingleTargetSpec $primary_postgresql_host,
+  Optional[Peadm::SingleTargetSpec] $primary_postgresql_host = undef,
 ) {
   $compiler_target           = peadm::get_targets($compiler_host, 1)
   $primary_target            = peadm::get_targets($primary_host, 1)
-  $primary_postgresql_target = peadm::get_targets($primary_postgresql_host, 1)
 
   # Get current peadm config to determine where to setup additional rules for
   # compiler's secondary PuppetDB instances
   $peadm_config = run_task('peadm::get_peadm_config', $primary_target).first.value
 
+  if $primary_postgresql_host == undef {
+    # get the external PostgreSQL host for the specified availability group
+    $external_postgresql_host = $avail_group_letter ? {
+      'A'     => $peadm_config['params']['primary_postgresql_host'],
+      default => $peadm_config['params']['replica_postgresql_host'],
+    }
+
+    # If the external_postgresql_host is undef, use the server for that availability group
+    $postgresql_host = $external_postgresql_host ? {
+      undef   => $peadm_config['role-letter']['server'][$avail_group_letter],
+      default => $external_postgresql_host,
+    }
+
+    if $postgresql_host == undef {
+      fail_plan("No PostgreSQL host found for availability group ${avail_group_letter}")
+    }
+
+    $primary_postgresql_target = peadm::get_targets($postgresql_host, 1)
+  } else {
+    $primary_postgresql_target = peadm::get_targets($primary_postgresql_host, 1)
+  }
+
   # Return the opposite server than the compiler to be added so it can be
   # configured with the appropriate rules for Puppet Server access from
   # compiler
@@ -84,16 +103,16 @@
     path        => '/etc/puppetlabs/puppet/hiera.yaml'
   )
 
-  # On <compiler-host>, run the puppet agent
+  # On <compiler-host>, run puppet agent
   run_task('peadm::puppet_runonce', $compiler_target)
 
-  # On <primary_postgresql_host> run the puppet agent
+  # On <primary_postgresql_host>, run puppet agent
   run_task('peadm::puppet_runonce', $primary_postgresql_target)
 
-  # On replica puppetdb run the puppet agent
+  # On <replica_puppetdb_target>, run puppet agent
   run_task('peadm::puppet_runonce', $replica_puppetdb_target)
 
-  # On <primary_postgresql_host> start puppet.service
+  # On <primary_postgresql_host>, start puppet.service
   run_command('systemctl start puppet.service', peadm::flatten_compact([
         $primary_postgresql_target,
         $replica_puppetdb_target,
diff --git a/spec/acceptance/peadm_spec/plans/add_compiler.pp b/spec/acceptance/peadm_spec/plans/add_compiler.pp
diff --git a/spec/acceptance/peadm_spec/plans/provision_test_cluster.pp b/spec/acceptance/peadm_spec/plans/provision_test_cluster.pp
diff --git a/spec/plans/add_compiler_spec.rb b/spec/plans/add_compiler_spec.rb
