puppetlabs · reidmv · Oct 7, 2021 · Oct 1, 2021 · Oct 1, 2021 · Oct 6, 2021
@@ -32,3 +32,7 @@
 .plan_cache.json
 .resource_types/
 bolt-debug.log
+spec/docker/**/*.tar.gz
+spec/docker/**/*.asc
+spec/docker/**/files/puppet-enterprise*
+spec/docker/.task_cache.json
@@ -1,17 +1,12 @@
 ## Docker Based Examples
 This module provides docker compose files for the various architectures for experimentation purposes. This gives you the ability to stand up an entire PE stack in order to learn how this module and DR works. If you have docker and docker-compose you can start up a full Puppet architecture with a single command.  Please note that Puppet does not support PE on containers in production.  
 
-In order to decouple Bolt from a dev system, a special bolt container is created that will run all the bolt commands.  This is
-required to achieve maximum portability.  Should you want to run bolt commands against the PE stack you must
-first login to this bolt container via ssh, docker or docker-compose.
-
-Example: `docker-compose run --entrypoint=/bin/bash bolt`
-
 ### Requirements
 To run the container based examples you will need the following requirements:
 
 1. Docker
 2. Docker compose
+3. Bolt 3.18+
 3. realpath (brew install coreutils on mac)
 4. 16GB memory, 24GB+ for XL and XL-DR architectures
 5. CPU with many cores (Tested with Core i7 6700)
@@ -46,6 +41,8 @@ In order to stop and remove the containers you will need to perform the followin
 2. `cd <chosen architecture>` 
 3. docker-compose down
 
+Alternative you can run something similar like: `docker-compose --project-directory=large down`
+
 ### Logging into the console
 You can login to the PE Console after successful install.  However, first you will need to 
 grab the mapped port number of the PE console.  The port numbers are mapped dynamically as to not
@@ -108,6 +105,8 @@ docker inspect pe-xl-core-0.puppet.vm -f "{{json .NetworkSettings.Networks }}" |
 }
 ```
 
+You can also run `docker inspect pe-xl-core-0.puppet.vm -f "{{json .HostConfig.NetworkMode }}" | sed -e 's/^"//' -e 's/"$//'`
+
 **NOTE** In these example you may see the use of `jq`.  This is a [cli utility for parsing JSON](https://stedolan.github.io/jq/).  I recommend installing it.  As a alternative you can pipe output to `python -m json.tool`.
 
 ### Starting agent containers
@@ -122,8 +121,38 @@ Example:
 For most tasks these images are great.  However, if you wish to use puppet orchestrator with the pcp transport. The one requirement is that all images used must be systemd aware, otherwise pxp will not start. If you do not plan on using pcp 
 there is no need for containers with systemd.
 
-At this time we have not added documention for starting a container with systemd.  Instructions coming soon.
+You can use the the custom image `pe-base` built with the docker cluster named pe-base.  This is a centos:7 image that you can use to generate tens or hundreds of agents.  (Resources permitting).  You will also want to run the docker run command with additonal flags.
+
+`docker run -d -t --hostname=pe-std-agent1.puppet.vm --network=pe-std_default --privileged --label=pe-std-agent,docker-example-agent" -v /sys/fs/cgroup:/sys/fs/cgroup:ro pe-base"`
+
+Once you have created the container you will obviously want to install the puppet agent
+
+`docker exec -ti $CONTAINER_ID sh -c "curl -k https://${PE_SERVER}:8140/packages/current/install.bash | bash && puppet agent -t"`
+
+Accept the cert in the console and run the puppet agent again on the agent container.
 
+Login interactively if you wish: `docker exec -ti $CONTAINER_ID /bin/bash`
+
+Take a look at the spec/docker/Dockerfile for examples of how to setup systemd in a container.
+
+
+### Cleaning up
+Before you run docker-compose down inside the cluster type directory you will need to stop and remove
+all the agent containers if created.
+
+This can be done like so:
+
+```bash
+# base name is the name of the primary hostname without domain
+PE_CLUSTER_TYPE=standard
+BASE_NAME=pe-std
+docker stop $(docker ps -q -f label="${BASE_NAME}-agent")
+docker rm $(docker ps -a -q -f label="${BASE_NAME}-agent")
+# The docker-compose down command cannot be run until the agents have been removed
+cd spec/docker/${PE_CLUSTER_TYPE}
+docker-compose down
+
+```
 
 ### Other notes
 1. The install plan is not fully idempotent.
@@ -134,3 +163,5 @@ At this time we have not added documention for starting a container with systemd
 6. You can use top to view all the processes being run in the containers.
 7. Docker will use the privilege mode option when running these examples (systemd support)
 8. Systemd is running inside these containers!  The real systemd, not the fake one.
+
+If you see errors regarding peadmin::puppet_runonce, just run the install or upgrade script again.  Might have to perform multiple times for resource constrained docker hosts.
@@ -1 +1,2 @@
 *.tar.gz
+puppet-enterprise*
@@ -5,15 +5,15 @@
 FROM centos:7
 EXPOSE 22
 ENV LC_ALL="en_US.UTF-8" LANG="en_US.UTF-8" LANGUAGE="en_US.UTF-8"
-RUN echo "LANG=en_US.UTF-8" > /etc/locale.conf
+RUN echo "LANG=en_US.UTF-8" > /etc/locale.conf 
 STOPSIGNAL SIGRTMIN+3
-ADD live_audit.sh /usr/bin/live_audit.sh 
-ADD live_audit.service /etc/systemd/system/live_audit.service
-RUN chmod 644 /etc/systemd/system/live_audit.service && chmod 755 /usr/bin/live_audit.sh && \
-    echo "root:test" | chpasswd; \
-    useradd -m -s /bin/bash centos && echo "centos:test" | chpasswd; 
-RUN yum -y install epel-release systemd rsync tree vim openssh openssh-server openssh-clients anacron sudo curl openssl
-RUN yum -y install inotify-tools && mkdir /root/bolt_scripts && yum clean all
+RUN echo "root:test" | chpasswd && \
+    useradd -m -s /bin/bash centos && echo "centos:test" | chpasswd;     
+RUN yum -y install wget systemd rsync tree vim openssh openssh-server openssh-clients anacron sudo curl openssl
+RUN yum remove -y puppet-agent # remove any old puppet-agent
+COPY pe-old-pub.gpg /tmp
+RUN mkdir /root/bolt_scripts && yum clean all && \
+    gpg --import /tmp/pe-old-pub.gpg 
 # remove any scripts that don't need to be run
 RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ 
   rm -f /lib/systemd/system/multi-user.target.wants/*; \
@@ -24,8 +24,7 @@ RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == system
   rm -f /lib/systemd/system/basic.target.wants/*; \
   rm -f /lib/systemd/system/anaconda.target.wants/*; \
   rm -rf /var/cache/yum; \
-  ln -s '/usr/lib/systemd/system/sshd.service' '/etc/systemd/system/multi-user.target.wants/sshd.service' && \
-  ln -s '/etc/systemd/system/live_audit.service' '/etc/systemd/system/multi-user.target.wants/live_audit.service'
+  ln -s '/usr/lib/systemd/system/sshd.service' '/etc/systemd/system/multi-user.target.wants/sshd.service'
 ARG HOST="localhost"
 RUN mkdir -p /root/.puppetlabs/client-tools && \
     echo $' \n\

@@ -0,0 +1,13 @@
+# This Puppetfile is managed by Bolt. Do not edit.
+# For more information, see https://pup.pt/bolt-modules
+
+# The following directive installs modules to the managed moduledir.
+moduledir '.modules'
+
+mod 'puppet/format', '1.0.0'
+mod 'puppetlabs/bolt_shim', '0.3.2'
+mod 'puppetlabs/apply_helpers', '0.3.0'
+mod 'WhatsARanjit/node_manager', '0.7.5'
+mod 'puppetlabs/ruby_task_helper', '0.5.1'
+mod 'puppetlabs/stdlib', '7.1.0'
+mod 'nwops/container_inventory', '0.1.1'
@@ -0,0 +1,12 @@
+---
+name: peadm_docker_examples
+modules: 
+  - name: nwops/container_inventory
+    version_requirement: ">= 0.1.1"
+  - name: puppetlabs/stdlib
+    version_requirement: ">= 6.5.0 < 8.0.0"
+  - puppetlabs/ruby_task_helper
+  - WhatsARanjit/node_manager
+  - puppetlabs/apply_helpers
+  - puppetlabs/bolt_shim
+  - puppet/format
@@ -66,7 +66,9 @@ services:
       - /run
       - /tmp
     volumes:
-      - '/sys/fs/cgroup:/sys/fs/cgroup:ro'       
+      - '/sys/fs/cgroup:/sys/fs/cgroup:ro'  
+
+
   pe_xl_core_1:
     restart: always
     depends_on:
@@ -96,7 +98,9 @@ services:
       - /run
       - /tmp
     volumes:
-      - '/sys/fs/cgroup:/sys/fs/cgroup:ro'      
+      - '/sys/fs/cgroup:/sys/fs/cgroup:ro' 
+
+
   pe_xl_core_0:
     restart: always
     build:
@@ -124,4 +128,6 @@ services:
       - /run
       - /tmp
     volumes:
-      - '/sys/fs/cgroup:/sys/fs/cgroup:ro'    
+      - '/sys/fs/cgroup:/sys/fs/cgroup:ro'
+
+
@@ -3,9 +3,15 @@
   "primary_postgresql_host": "pe-xl-db-0.puppet.vm",
   "replica_postgresql_host": "pe-xl-db-1.puppet.vm",
   "replica_host": "pe-xl-core-1.puppet.vm",
-  "compiler_hosts": ["pe-xl-compiler-0.puppet.vm"],
+  "compiler_hosts": [
+    "pe-xl-compiler-0.puppet.vm"
+  ],
   "console_password": "puppetlabs",
-  "dns_alt_names": [ "puppet", "pe-xl-core-0.puppet.vm", "puppet-xl.vm" ],
+  "dns_alt_names": [
+    "puppet",
+    "pe-xl-core-0.puppet.vm",
+    "puppet-xl.vm"
+  ],
   "version": "2019.8.5",
   "compiler_pool_address": "puppet-xl.vm"
 }
@@ -1,8 +1,10 @@
 {
-    "primary_host": "pe-xl-core-0.puppet.vm",
-    "primary_postgresql_host": "pe-xl-db-0.puppet.vm",
-    "replica_postgresql_host": "pe-xl-db-1.puppet.vm",
-    "replica_host": "pe-xl-core-1.puppet.vm",
-    "compiler_hosts": ["pe-xl-compiler-0.puppet.vm"],
-    "version": "2019.8.5"
+  "primary_host": "pe-xl-core-0.puppet.vm",
+  "primary_postgresql_host": "pe-xl-db-0.puppet.vm",
+  "replica_postgresql_host": "pe-xl-db-1.puppet.vm",
+  "replica_host": "pe-xl-core-1.puppet.vm",
+  "compiler_hosts": [
+    "pe-xl-compiler-0.puppet.vm"
+  ],
+  "version": "2019.8.5"
 }
@@ -69,4 +69,6 @@ services:
       - /run
       - /tmp
     volumes:
-      - '/sys/fs/cgroup:/sys/fs/cgroup:ro'    
+      - '/sys/fs/cgroup:/sys/fs/cgroup:ro'
+
+
@@ -1,8 +1,13 @@
 {
   "primary_host": "pe-xl-core-0.puppet.vm",
   "primary_postgresql_host": "pe-xl-db-0.puppet.vm",
-  "compiler_hosts": ["pe-xl-compiler-0.puppet.vm"],
+  "compiler_hosts": [
+    "pe-xl-compiler-0.puppet.vm"
+  ],
   "console_password": "puppetlabs",
-  "dns_alt_names": [ "puppet", "pe-xl-core-0.puppet.vm" ],
+  "dns_alt_names": [
+    "puppet",
+    "pe-xl-core-0.puppet.vm"
+  ],
   "version": "2019.8.5"
 }
@@ -2,5 +2,5 @@
     "primary_host": "pe-xl-core-0.puppet.vm",
     "primary_postgresql_host": "pe-xl-db-0.puppet.vm",
     "compiler_hosts": ["pe-xl-compiler-0.puppet.vm"],
-    "version": "2019.8.5"
+    "version": "2019.8.5" 
 }
@@ -1,31 +1,26 @@
 #!/usr/bin/env bash
-# bundle install or pdk bundle install
-# bundle exec rake spec_prep or pdk bundle exec rake spec_prep
 # must be in the spec/docker directory
-echo 'Please choose a PE architecture to provision: '
+# must have bolt 3.18+ installed
 downloads=$(realpath ./)
 inventory_dir=$(realpath ./)
 inventory_path=${inventory_dir}/inventory.yaml
 base_repo=$(realpath ../../)
 spec_path=$(realpath ../)
-fixtures_path=$spec_path/fixtures/modules
-num=$(ls ${fixtures_path} | wc -l)
-if [[ ! "$num" -gt "8" ]]; then
-  echo "No fixtures, please run bundle exec rake spec_prep or pdk bundle exec rake spec_prep"
-  exit 1
-fi
+bolt module install
+ln -nfs ../../../ ./.modules/peadm
 # The concurrency is set to 2 to keep CPU usage from skyrocketing during Large and XL deployments
+echo 'Please choose a PE architecture to provision: '
+
 select opt in */
 do
   dir=$(realpath ${opt})
   name=$(basename $opt)
   cd $dir
   docker-compose up -d --build 
-  # nohup /usr/bin/live_audit.sh /root/bolt_scripts /tmp/backup &
-  pdk bundle exec bolt plan run peadm::install --concurrency 2 \
+  bolt plan run peadm::install --concurrency 2 \
   --inventory $inventory_path \
-  --modulepath=$fixtures_path \
   --params @${dir}/params.json \
   --targets=$name
   break;
 done
+# --modulepath=./modules \
@@ -50,7 +50,8 @@ services:
       - /run
       - /tmp
     volumes:
-      - '/sys/fs/cgroup:/sys/fs/cgroup:ro'        
+      - '/sys/fs/cgroup:/sys/fs/cgroup:ro'
+
   large_aio:
     build:
       dockerfile: 'Dockerfile'
@@ -78,3 +79,5 @@ services:
       - /tmp
     volumes:
       - '/sys/fs/cgroup:/sys/fs/cgroup:ro'    
+
+
@@ -1,8 +1,13 @@
 {
   "primary_host": "pe-lg.puppet.vm",
   "replica_host": "pe-lg-replica.puppet.vm",
-  "compiler_hosts": ["pe-lg-compiler-0.puppet.vm"],
+  "compiler_hosts": [
+    "pe-lg-compiler-0.puppet.vm"
+  ],
   "console_password": "puppetlabs",
-  "dns_alt_names": [ "puppet", "pe-lg.puppet.vm" ],
+  "dns_alt_names": [
+    "puppet",
+    "pe-lg.puppet.vm"
+  ],
   "version": "2019.8.5"
 }
@@ -1,7 +1,8 @@
 {
-    "primary_host": "pe-lg.puppet.vm",
-    "replica_host": "pe-lg-replica.puppet.vm",
-    "compiler_hosts": ["pe-lg-compiler-0.puppet.vm"],
-    "version": "2019.8.5"
+  "primary_host": "pe-lg.puppet.vm",
+  "replica_host": "pe-lg-replica.puppet.vm",
+  "compiler_hosts": [
+    "pe-lg-compiler-0.puppet.vm"
+  ],
+  "version": "2019.8.5"
 }
-
@@ -48,4 +48,5 @@ services:
       - /run
       - /tmp
     volumes:
-      - '/sys/fs/cgroup:/sys/fs/cgroup:ro'    
+      - '/sys/fs/cgroup:/sys/fs/cgroup:ro'
+
@@ -1,7 +1,12 @@
 {
   "primary_host": "pe-lg.puppet.vm",
-  "compiler_hosts": ["pe-lg-compiler-0.puppet.vm"],
+  "compiler_hosts": [
+    "pe-lg-compiler-0.puppet.vm"
+  ],
   "console_password": "puppetlabs",
-  "dns_alt_names": [ "puppet", "pe-lg.puppet.vm" ],
-  "version": "2019.8.5"
+  "dns_alt_names": [
+    "puppet",
+    "pe-lg.puppet.vm"
+  ],
+  "version": "2019.8.1"
 }
@@ -1,6 +1,7 @@
 {
-    "primary_host": "pe-lg.puppet.vm",
-    "compiler_hosts": ["pe-lg-compiler-0.puppet.vm"],
-    "version": "2019.8.5"
+  "primary_host": "pe-lg.puppet.vm",
+  "compiler_hosts": [
+    "pe-lg-compiler-0.puppet.vm"
+  ],
+  "version": "2019.8.8"
 }
-