|
| 1 | +# @summary Add a new compiler to a PE architecture or replace an existing one with new configuration. |
| 2 | +# @param avail_group_letter _ Either A or B; whichever of the two letter designations the compiler is being assigned to |
| 3 | +# @param compiler_fqdn _ The FQDN and certname of the new compiler |
| 4 | +# @param dns_alt_names _ A comma_separated list of DNS alt names for the compiler |
| 5 | +# @param primary_server_fqdn _ The FQDN and certname of the primary Puppet server |
| 6 | +# @param postgresql_server_fqdn _ The FQDN and certname of the PE-PostgreSQL server with availability group $avail_group_letter |
| 7 | +plan peadm::add_compiler( |
| 8 | + String[1] $avail_group_letter, |
| 9 | + Peadm::SingleTargetSpec $compiler_fqdn, |
| 10 | + Optional[String[1]] $dns_alt_names = undef, |
| 11 | + Peadm::SingleTargetSpec $primary_server_fqdn, |
| 12 | + Peadm::SingleTargetSpec $postgresql_server_fqdn, |
| 13 | +){ |
| 14 | + # Stop puppet.service |
| 15 | + run_command('systemctl stop puppet.service', $postgresql_server_fqdn) |
| 16 | + |
| 17 | + # Add the following two lines to /opt/puppetlabs/server/data/postgresql/11/data/pg_ident.conf |
| 18 | + # |
| 19 | + # pe-puppetdb-pe-puppetdb-map <new-compiler-fqdn> pe-puppetdb |
| 20 | + # pe-puppetdb-pe-puppetdb-migrator-map <new-compiler-fqdn> pe-puppetdb-migrator |
| 21 | + |
| 22 | + apply($postgresql_server_fqdn) { |
| 23 | + file_line { 'pe-puppetdb-pe-puppetdb-map': |
| 24 | + path => '/opt/puppetlabs/server/data/postgresql/11/data/pg_ident.conf', |
| 25 | + line => "pe-puppetdb-pe-puppetdb-map ${compiler_fqdn} pe-puppetdb", |
| 26 | + } |
| 27 | + file_line { 'pe-puppetdb-pe-puppetdb-migrator-map': |
| 28 | + path => '/opt/puppetlabs/server/data/postgresql/11/data/pg_ident.conf', |
| 29 | + line => "pe-puppetdb-pe-puppetdb-migrator-map ${compiler_fqdn} pe-puppetdb-migrator", |
| 30 | + } |
| 31 | + } |
| 32 | + |
| 33 | + # Reload pe-postgresql.service |
| 34 | + run_command('systemctl reload pe-postgresql.service', $postgresql_server_fqdn) |
| 35 | + |
| 36 | + # Install the puppet agent making sure to specify an availability group letter, A or B, as an extension request. |
| 37 | + $dns_alt_names_flag = $dns_alt_names? { |
| 38 | + undef => [], |
| 39 | + default => "main:dns_alt_names=${dns_alt_names}", |
| 40 | + } |
| 41 | + |
| 42 | + run_task('peadm::agent_install', $compiler_fqdn, |
| 43 | + server => $primary_server_fqdn, |
| 44 | + install_flags => $dns_alt_names_flag + [ |
| 45 | + "extension_requests:${peadm::oid('pp_auth_role')}=pe_compiler", |
| 46 | + "extension_requests:${peadm::oid('peadm_availability_group')}=${avail_group_letter}", |
| 47 | + "main:certname=${compiler_fqdn}", |
| 48 | + ], |
| 49 | + ) |
| 50 | + |
| 51 | + # If necessary, manually submit a CSR |
| 52 | + # run_task('peadm::submit_csr', $compiler_fqdn) |
| 53 | + # On primary-server-fqdn, if necessary, sign the certificate request |
| 54 | + run_task('peadm::sign_csr', $primary_server_fqdn, { 'certnames' => [$compiler_fqdn] } ) |
| 55 | + |
| 56 | + # On <compiler-fqdn>, run the puppet agent |
| 57 | + run_task('peadm::puppet_runonce', $compiler_fqdn) |
| 58 | + |
| 59 | + # On <postgresql-server-fqdn>: |
| 60 | + # Run the puppet agent |
| 61 | + run_task('peadm::puppet_runonce', $postgresql_server_fqdn) |
| 62 | + |
| 63 | + # Start puppet.service |
| 64 | + run_command('systemctl start puppet.service', $postgresql_server_fqdn) |
| 65 | + |
| 66 | + return("Adding or replacing compiler ${compiler_fqdn} succeeded.") |
| 67 | + |
| 68 | +} |
0 commit comments