============================================= Notes on upgrading puppet from ver 2.6 to 3.X ============================================= :Title: Puppet upgrade notes :Author: Douglas O'Leary :Description: Steps to ugprade a simple puppet environment :Disclaimer: Standard: Use the information that follows at your own risk. If you screw up a system, don't blame it on me... Overview: ========= I read through the Pro Puppet book (excellent, btw), and, following the directions therein, I ended up with a version 2.6 puppet implementation. Certainly very functional, particularly for learning, but I want to to explore even more. Current research book is the Puppet 3 cookbook so now, before diving into that, I'm going to try to upgrade to puppet ver 3. Fortunately, I'm not doing anything extraordinary w/my puppet installation yet so I have hopes this will be pretty straight forward. Steps: ====== 1. Turn off all puppet (On the puppet master):: gsh all service puppet stop service httpd stop 2. Backup the puppet configuration:: zip -r /ignite/puppet/130929_pre_upgrade_backup.zip /etc/puppet /etc/httpd/conf.d 3. Enable puppet labs repos:: # rpm -ivh http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-7.noarch.rpm # yum info puppet-server Loaded plugins: fastestmirror, refresh-packagekit, security Loading mirror speeds from cached hostfile * base: bay.uchicago.edu * epel: mirrors.servercentral.net * extras: mirror.beyondhosting.net * updates: bay.uchicago.edu Installed Packages Name : puppet-server Arch : noarch Version : 2.6.18 Release : 3.el6 Size : 10 k Repo : installed From repo : epel Summary : Server for the puppet system management tool URL : http://puppetlabs.com License : GPLv2 Description : Provides the central puppet server daemon which provides manifests to clients. : The server can also function as a certificate authority and file server. Available Packages Name : puppet-server Arch : noarch Version : 3.3.0 Release : 1.el6 Size : 23 k Repo : puppetlabs-products Summary : Server for the puppet system management tool URL : http://puppetlabs.com License : ASL 2.0 Description : Provides the central puppet server daemon which provides manifests to clients. : The server can also function as a certificate authority and file server. 4. Still on the puppet master, update puppet and puppet-server :: # yum update puppet puppet-server Loaded plugins: fastestmirror, refresh-packagekit, security Loading mirror speeds from cached hostfile * base: bay.uchicago.edu * epel: mirror.steadfast.net * extras: mirror.beyondhosting.net * updates: bay.uchicago.edu Setting up Update Process Resolving Dependencies --> Running transaction check ---> Package puppet.noarch 0:2.6.18-3.el6 will be updated ---> Package puppet.noarch 0:3.3.0-1.el6 will be an update --> Processing Dependency: ruby-rgen >= 0.6.5 for package: puppet-3.3.0-1.el6.noarch --> Processing Dependency: hiera >= 1.0.0 for package: puppet-3.3.0-1.el6.noarch ---> Package puppet-server.noarch 0:2.6.18-3.el6 will be updated ---> Package puppet-server.noarch 0:3.3.0-1.el6 will be an update --> Running transaction check ---> Package hiera.noarch 0:1.2.1-1.el6 will be installed --> Processing Dependency: rubygem-json for package: hiera-1.2.1-1.el6.noarch ---> Package ruby-rgen.noarch 0:0.6.5-1.el6 will be installed --> Running transaction check ---> Package rubygem-json.x86_64 0:1.5.5-1.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved ======================================================================= Package Arch Version Repository Size ======================================================================= Updating: puppet noarch 3.3.0-1.el6 puppetlabs-products 1.1 M puppet-server noarch 3.3.0-1.el6 puppetlabs-products 23 k Installing for dependencies: hiera noarch 1.2.1-1.el6 puppetlabs-products 21 k ruby-rgen noarch 0.6.5-1.el6 puppetlabs-deps 87 k rubygem-json x86_64 1.5.5-1.el6 puppetlabs-deps 763 k Transaction Summary ======================================================================= Install 3 Package(s) Upgrade 2 Package(s) Total download size: 2.0 M Is this ok [y/N]: y Downloading Packages: (1/5): hiera-1.2.1-1.el6.noarch.rpm | 21 kB 00:00 (2/5): puppet-3.3.0-1.el6.noarch.rpm | 1.1 MB 00:00 (3/5): puppet-server-3.3.0-1.el6.noarch.rpm | 23 kB 00:00 (4/5): ruby-rgen-0.6.5-1.el6.noarch.rpm | 87 kB 00:00 (5/5): rubygem-json-1.5.5-1.el6.x86_64.rpm | 763 kB 00:00 ------------------------------------------------------------------------ Total 1.3 MB/s | 2.0 MB 00:01 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Warning: RPMDB altered outside of yum. Installing : rubygem-json-1.5.5-1.el6.x86_64 1/7 Installing : hiera-1.2.1-1.el6.noarch 2/7 Installing : ruby-rgen-0.6.5-1.el6.noarch 3/7 Updating : puppet-3.3.0-1.el6.noarch 4/7 Updating : puppet-server-3.3.0-1.el6.noarch 5/7 Cleanup : puppet-server-2.6.18-3.el6.noarch 6/7 Cleanup : puppet-2.6.18-3.el6.noarch 7/7 Verifying : puppet-server-3.3.0-1.el6.noarch 1/7 Verifying : ruby-rgen-0.6.5-1.el6.noarch 2/7 Verifying : hiera-1.2.1-1.el6.noarch 3/7 Verifying : rubygem-json-1.5.5-1.el6.x86_64 4/7 Verifying : puppet-3.3.0-1.el6.noarch 5/7 Verifying : puppet-server-2.6.18-3.el6.noarch 6/7 Verifying : puppet-2.6.18-3.el6.noarch 7/7 Dependency Installed: hiera.noarch 0:1.2.1-1.el6 ruby-rgen.noarch 0:0.6.5-1.el6 rubygem-json.x86_64 0:1.5.5-1.el6 Updated: puppet.noarch 0:3.3.0-1.el6 puppet-server.noarch 0:3.3.0-1.el6 Complete! 5. Run a test of the agent from the master to the master (taking any potential network issues out of the picture. Troubleshoot any issues. I imagine this'll be the most fun for most people. :: # puppet master --verbose --no-daemonize Notice: Starting Puppet master version 3.3.0 Info: access[^/catalog/([^/]+)$]: allowing 'method' find Info: access[^/catalog/([^/]+)$]: allowing $1 access Info: access[^/node/([^/]+)$]: allowing 'method' find Info: access[^/node/([^/]+)$]: allowing $1 access Info: access[/certificate_revocation_list/ca]: allowing 'method' find Info: access[/certificate_revocation_list/ca]: allowing * access Info: access[^/report/([^/]+)$]: allowing 'method' save Info: access[^/report/([^/]+)$]: allowing $1 access Info: access[/file]: allowing * access Info: access[/certificate/ca]: adding authentication any Info: access[/certificate/ca]: allowing 'method' find Info: access[/certificate/ca]: allowing * access Info: access[/certificate/]: adding authentication any Info: access[/certificate/]: allowing 'method' find Info: access[/certificate/]: allowing * access Info: access[/certificate_request]: adding authentication any Info: access[/certificate_request]: allowing 'method' find Info: access[/certificate_request]: allowing 'method' save Info: access[/certificate_request]: allowing * access Info: access[/]: adding authentication any Info: Inserting default '/status' (auth true) ACL Info: Caching node for pm.olearycomputers.com Info: Caching node for pm.olearycomputers.com Notice: Scope(Class[Osfiles::Params]): OS: CentOS Notice: Scope(Class[Osfiles::Perms]): Root: / Notice: Scope(Class[Osfiles::Perms]): Root_h: /root Notice: Compiled catalog for pm.olearycomputers.com in environment production in 1.28 seconds and, in another window:: # puppet agent --onetime --verbose --no-daemonize --server=pm.olearycomputers.com Info: Retrieving plugin Info: Caching catalog for pm.olearycomputers.com Info: Applying configuration version '1380476201' Notice: Finished catalog run in 1.17 seconds 6. Start httpd ``service httpd start`` 7. Iterate through the clients, enabling the puppetlabs repos, and upgrading puppet:: rpm -ivh http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-7.noarch.rpm yum -y upgrade puppet puppet agent --onetime --verbose --no-daemonize --server=pm.olearycomputers.com service puppet start Summary: ======== Seems pretty straight forward; but, then, I've got a very simple implementation so far.