diff --git a/plans/add_compiler.pp b/plans/add_compiler.pp
new file mode 100644
index 00000000..d181f5c7
--- /dev/null
+++ b/plans/add_compiler.pp
@@ -0,0 +1,68 @@
+# @summary Add a new compiler to a PE architecture or replace an existing one with new configuration.
+# @param avail_group_letter _ Either A or B; whichever of the two letter designations the compiler is being assigned to
+# @param compiler_fqdn _ The FQDN and certname of the new compiler
+# @param dns_alt_names _ A comma_separated list of DNS alt names for the compiler
+# @param primary_server_fqdn _ The FQDN and certname of the primary Puppet server
+# @param postgresql_server_fqdn _ The FQDN and certname of the PE-PostgreSQL server with availability group $avail_group_letter
+plan peadm::add_compiler(
+ String[1] $avail_group_letter,
+ Peadm::SingleTargetSpec $compiler_fqdn,
+ Optional[String[1]] $dns_alt_names = undef,
+ Peadm::SingleTargetSpec $primary_server_fqdn,
+ Peadm::SingleTargetSpec $postgresql_server_fqdn,
+){
+ # Stop puppet.service
+ run_command('systemctl stop puppet.service', $postgresql_server_fqdn)
+
+ # Add the following two lines to /opt/puppetlabs/server/data/postgresql/11/data/pg_ident.conf
+ #
+ # pe-puppetdb-pe-puppetdb-map pe-puppetdb
+ # pe-puppetdb-pe-puppetdb-migrator-map pe-puppetdb-migrator
+
+ apply($postgresql_server_fqdn) {
+ file_line { 'pe-puppetdb-pe-puppetdb-map':
+ path => '/opt/puppetlabs/server/data/postgresql/11/data/pg_ident.conf',
+ line => "pe-puppetdb-pe-puppetdb-map ${compiler_fqdn} pe-puppetdb",
+ }
+ file_line { 'pe-puppetdb-pe-puppetdb-migrator-map':
+ path => '/opt/puppetlabs/server/data/postgresql/11/data/pg_ident.conf',
+ line => "pe-puppetdb-pe-puppetdb-migrator-map ${compiler_fqdn} pe-puppetdb-migrator",
+ }
+ }
+
+ # Reload pe-postgresql.service
+ run_command('systemctl reload pe-postgresql.service', $postgresql_server_fqdn)
+
+ # Install the puppet agent making sure to specify an availability group letter, A or B, as an extension request.
+ $dns_alt_names_flag = $dns_alt_names? {
+ undef => [],
+ default => "main:dns_alt_names=${dns_alt_names}",
+ }
+
+ run_task('peadm::agent_install', $compiler_fqdn,
+ server => $primary_server_fqdn,
+ install_flags => $dns_alt_names_flag + [
+ "extension_requests:${peadm::oid('pp_auth_role')}=pe_compiler",
+ "extension_requests:${peadm::oid('peadm_availability_group')}=${avail_group_letter}",
+ "main:certname=${compiler_fqdn}",
+ ],
+ )
+
+ # If necessary, manually submit a CSR
+ # run_task('peadm::submit_csr', $compiler_fqdn)
+ # On primary-server-fqdn, if necessary, sign the certificate request
+ run_task('peadm::sign_csr', $primary_server_fqdn, { 'certnames' => [$compiler_fqdn] } )
+
+ # On , run the puppet agent
+ run_task('peadm::puppet_runonce', $compiler_fqdn)
+
+ # On :
+ # Run the puppet agent
+ run_task('peadm::puppet_runonce', $postgresql_server_fqdn)
+
+ # Start puppet.service
+ run_command('systemctl start puppet.service', $postgresql_server_fqdn)
+
+ return("Adding or replacing compiler ${compiler_fqdn} succeeded.")
+
+}
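Review bot: When `$dns_alt_names` is set, the selector's default branch yields a String, so `$dns_alt_names_flag + [ ... ]` in the `peadm::agent_install` call becomes String + Array, which Puppet treats as arithmetic and should reject rather than concatenate; only the `undef => []` branch works. Make both branches arrays with `default => ["main:dns_alt_names=${dns_alt_names}"],`. Separately, `$avail_group_letter` is typed `String[1]` although the doc comment says it is either A or B, and it is interpolated directly into a certificate extension request. Declaring it as `Enum['A', 'B'] $avail_group_letter,` would reject any other value before `peadm::sign_csr` signs a CSR carrying it.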