This message was deleted.
# office-hours
s
This message was deleted.
c
There's actually an important bit of PE configuration behavior that depends on the fact we didn't do that smiling face but you can see pain in their eyes
lol 1
The
puppet_enterpise
module defines its datadir to be
/etc/puppetlabs/enterprise/conf.d/
so that re-configuration after restore of a backup, or during a classifier outage will mostly Do The Right Thing™ instead of shifting the entire PE install to out-of-box-defaults which is, if nothing else, a great way to slam a performance issue on top of whatever problem you were trying to solve lolsob
b
lol
c
But, pointing to an absolute path is a lesser evil compared to relative paths or symlinks that lead to hoisting yourself on a petard of your own cleverness.
v
I was always wanted to ask, why installer doesn't honor user's hiera, maybe I miss some step? I observe installer revert custom setting and then puppet agent puts them back
I understand that maybe hierarchy is a challenge, but I keep pe settings in common.yaml
b
@csharpsteen tangent: did you know that "petard" is a small bomb and the word etymology is latin for "to fart"?
nodding 1
c
The installer did have a tap into
common.yaml
, but I think that has become less useful recently as
puppet infra configure
sandboxes its
environmentpath
to
/opt/puppetlabs/server/data/environments/
and uses the
enterprise
environment --- as a firebreak between sensitive operations like upgrade and the infinite combinations of user module behavior that acceptance tests can't guard against. In general, the usefulness of user Hiera is debatable since the directories don't exist before installation and are some form of circular dependency after.
v
Is there a way to plug it back in?
or we have to deploy pe.conf instead somehow?
unless it's also ignored?
some services are not properly restarted when they are 'reverted' for example -
Copy code
puppet_enterprise::profile::plan_executor::versioned_deploys
b
you can provide your own pe.conf for the pe-installer/peadm
v
If this is the way , suremandalorian
c
The hierarchy used by
puppet infra configure
is defined in
/etc/puppetlabs/enterprise/hiera.yaml
, but I wouldn't recommend modifying it as one of two things is likely to happen depending on whether it is marked as a config file in the packages: • The file gets overwritten on upgrade and unexpected things happen because customized data sources are no longer pulled in. • The file does not get overwritten on upgrade and unexpected things happen because updated defaults are no longer pulled in.
b
and if you provide a pe.conf the data will be added to the classifier and you won't be able to override it in hiera. so I usually provide a minimal config that just disables metrics/update check
💯 1
then configure code manager, do code deploy, configure the rest via data in hiera
v
enterprise/hiera.yaml does reference common.yaml. but probably it gets ignored because environment is not what normal is
1
Copy code
- name: "Common data from Hiera3 user hieradata"
    datadir: "/etc/puppetlabs/code/environments/%{environment}/hieradata"
    data_hash: yaml_data
    path: "common.yaml"

  - name: "Common data from Hiera5 user data"
    datadir: "/etc/puppetlabs/code/environments/%{environment}/data"
    data_hash: yaml_data
    path: "common.yaml"
b
do you deploy your code before running the installer?
v
not sure what do you mean? installer is also executed during upgrades, so code is already there
b
ahh you're talking about upgrades
v
yep
b
mhm
before you said that I thought our upgrades honoured our hiera data, but now I'm not so sure anymore
v
nope, they don't
c
sudo crontab -l
should show
puppet infra recover_configuration
running on a schedule. That tool looks at PuppetDB and tries to determine if any
puppet_enterprise
parameters are being set via Classifier or user Hiera data. It then writes those values back to
/etc/puppetlabs/enterprise/conf.d/user_data.conf
and
enterprise/conf.d/nodes/*.conf
in the case of settings that appear to be different for compilers vs. primary vs. replica vs. database.
puppet infra configure
also runs that same configuration recovery to sync
enterprise/conf.d/
up before making changes. The
--no-recover
flag is commonly used to skip this step in situations where PuppetDB is not responding.
v
only puppet_enterprise ?
c
puppet_enterprise
is the majority consumer of that data. The
pe_infrastructure
and
pe_repo
modules also use it.
gratitude thank you 1
Looks like those other two may specifically only care about
pe.conf
.
pe_infrastructure
is mostly active during first install, not sure why
pe_repo
ignores the other data files --- likely just an oversight.
v
I observed quite a few changing back and forward - for example
Copy code
--- /etc/puppetlabs/nginx/conf.d/proxy.conf	2023-02-16 09:48:18.801727023 -0500
+++ /etc/puppetlabs/nginx/conf.d/proxy.conf.augnew	2023-05-04 19:10:35.327820741 -0400
@@ -17,7 +17,7 @@
 ssl_session_cache shared:SSL:50m;
 location /
 {
-proxy_pass <http://127.0.0.1:4430>;
+proxy_pass <http://localhost:4430>;
I think the process misses some hiera that one is driven by puppet_enterprise::plaintext_address, for example and it's not extracted to conf.d
d
```- lost a level. (Karma: -109)
v
This goes back and forward
Copy code
--- /etc/puppetlabs/r10k/r10k.yaml      2023-02-04 09:46:53.577921459 -0500
+++ /tmp/puppet-file20230504-3697032-knu4j4     2023-05-04 19:08:34.304876302 -0400
@@ -1,8 +1,8 @@
 ---
-cachedir: /opt/puppetlabs/server/data/puppetserver/r10k
+cachedir: /opt/puppetlabs/puppet/cache/r10k
 sources:
   puppet:
-    basedir: /etc/puppetlabs/code/environments
+    basedir: /opt/puppetlabs/server/data/environments
d
```- lost a level. (Karma: -110)
b
mhm interesting
v
I just reboot server now after upgrade is done 🙂 ¯\_(ツ)_/¯
b
😄