Closed Bug 891982 Opened 11 years ago Closed 10 years ago

Create a GPO to install Puppet Agent on Windows testers

Categories

(Infrastructure & Operations :: RelOps: General, task)

Product:
Infrastructure & Operations
Component:
RelOps: General
Platform:
x86_64
Windows 7
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: markco, Assigned: markco)

References

Details

Creating a GPO to install the Puppet agent rather than putting it into the MDT build. Placing this in a GPO so that there is any needed change to the agent install,version or configuration,it can be done in one location.
Blocks: 798657
Created a GPO named Puppet_testers_x86. 

This gpo installs the msi package located at:
\\...\files\Puppet\puppet-2.7.12(1).msi

It also includes a registry edit to set the Puppet server: 

HKEY_LOCAL_MACHINE\SOFTWARE\Puppet Labs\PuppetInstaller\RememberedPuppetMasterServer\ 
Setting the REG_SZ value "future.puppett.master.lala.com" 

Obviously this value will be changed when the self contained Puppet testing is complete.
Component: RelOps → Server Operations: RelEng
Product: Infrastructure & Operations → mozilla.org
QA Contact: arich
We're using Puppet-3.2.2 now, not 2.7.x.
I updated the GPO with the 3.2.2 msi. It is being pulled from the same location.
Component: Server Operations: RelEng → RelOps
Product: mozilla.org → Infrastructure & Operations
Per bug 891991, this will also need to set the global env vars FACTER_hostname and FACTER_domain to e.g., 't-w732-ix-003' and 'wintest.releng.scl3.mozilla.com', respectively.  Note that domain is *not* 'releng.ad.mozilla.com'!
The GPO has renamed to Puppet_testers_builders. It works without issue or change for 7, 8, and 2008. 

However, this gpo did not work for XP. The original gpo failed to install. The Puppet installer had to copied locally, and the MSI had to be called directly without using msiexec. When msiexec was being used the installer would place the files on the top level of the C drive and not actually install Puppet.  

The GPO that was Puppet_testers_XP:

Preferences-> Windows Settings-> Files:
This copies the contents of \\releng\SYSVOL\releng.ad.mozilla.com\files\Puppet\files\*.*. Which is puppet.msi (The original msi renamed so that when the version of the installer is changed in the future just it will need to be renamed rather then change multiple parts in multiple GPOs) and puppet.bat. These files are being copied to c:\gpo_files.

Preferences-> Control Panel -> Schedule tasks:
Runs an immediate task once if the aforementioned files are present. The task runs puppet.bat. This bat files calls the puppet.msi from the local location. 

The Puppet install has been tested on the four Windows OSes and now being installed during the MDT deploy of the production OSes through a gpupdate.
Added facter .rb file to the GPO Puppet_testers_builders so that Windows Environment Variables will be available for use with in Puppet manifests:

Preferences-> Windows Settings-> Files
Copies source file env.rb from:
\\releng\SYSVOL\releng.ad.mozilla.com\files\Puppet\facter\*.*
to: 
"C:\Program Files\Puppet Labs\Puppet\facter\lib\facter"

Contents of env.rb:
ENV.each do |k,v|
	Facter.add("env_#{k.downcase}".to_sym) do
		setcode do
			v
		end
	end
end
Assignee: mcornmesser → arich
Status: NEW → ASSIGNED
Assignee: arich → mcornmesser
The above mentioned .rb file has been removed from the GPO, and will placed on the puppet master:

https://bugzilla.mozilla.org/show_bug.cgi?id=914246
Additional settings of the GPO:

File Systems settings that sets full control for group Administrators and and System user. This was done because of an underlying process of Puppet will change the ACLSs on the ssl directory. If this does happens this will enable the Puppet agent to function on the GP update. 

File Copy copying the content of \\releng\SYSVOL\releng.ad.mozilla.com\files\Puppet\files\*.* to %PROGRAMDATA%\PuppetLabs\puppet\etc
Most importantly this is copying over the starting Puppet.conf file. This allows Puppet to run, and then this file is updated by Puppet. This alos copies over the Puppetrun.bat and puppettize_hackier3 .vbs. 

puppettize_hackier3 .vbs is set top run in immediate task and only once. This will allow existing machines to have Puppet setup without a fresh OS install. puppettize_hackier3 .vbs will eventaully be replaced with a better method of authentication.

Puppetrun.bat is set to run the Puppet agent on startup, and it logs the agent output to C:\Program FIles\puppe Labs\Puppet\bin. 

Puppetrun.bat:

cd "C:\Program Files\Puppet Labs\Puppet\bin"

puppet agent --test --environment=mcornmesser --server=releng-puppet2.srv.releng.scl3.mozilla.com>>pupptlog.log 2<&1

The contents of Puppetrun.bat will be changed to point to the production environment following once develpoment and testing is complete. 





 


Services setting to disable the Puppet service, so that puppet isn't actively changing files while the machine is in use.
Blocks: 949219
When we rearchitect the system to do bare metal installs, we will no longer have gpo managing slaves.
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.