search

puppetlabs / puppet-agent

All of the directions for building a puppet agent package.
Other
47 stars 146 forks source link

Puppet agent on Debian 12 don't find installed modules #2445

Closed elofu17 closed 8 months ago

elofu17 commented 8 months ago

The default install of puppet-agent v7 on Debian 12 lack builtin support for stuff we're used to, like augeas, sshkeys, etc.

And when you manually install these core packets (apt install puppet-module-puppetlabs-augeas-core; apt install puppet-module-puppetlabs-sshkeys-core, etc) they do list as installed with puppet module list, but they are not found.

Workaround: For some reason, adding a symlink to the module(s) in /usr/share/puppet/vendor_modules/ make puppet-agent find them.

When running puppet agent -t on a Debian 12 machine, I get errors like this:

root@baz:~# puppet agent -t
Info: Using environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Error: Failed to apply catalog: Resource type 'Augeas' was not found

or

Error: Failed to apply catalog: Resource type 'Ssh_authorized_key' was not found

Steps to Reproduce

Installed a brand new Debian 12 (bookworm) machine Since the puppet-agent .deb package (v7) now seem to be located in the official Debian APT repo, I have not added any custom APT source. (comparison: on my Debian 11 machines I have /etc/apt/sources.list.d/puppet7.list : deb http://apt.puppetlabs.com bullseye puppet7)

echo 'APT::Install-Recommends "0";' > /etc/apt/apt.conf.d/01_no_recommends
apt update && apt -y full-upgrade
apt -y install puppet-agent

mkdir /var/lib/puppet
echo -e 'vardir = /var/lib/puppet\nssldir = /var/lib/puppet/ssl\nserver = puppet-master2.foo.bar' > /etc/puppet/puppet.conf
puppet ssl bootstrap 
  <I now get a signed cerificate>

I declare the node baz.foo.bar in nodes.pp and assign a profile. As long as the profile and manifest don't contain any augeas calls (or ssh-keys, etc), everything is working fine:

root@baz:~# puppet agent -t
Info: Using environment 'production'
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Info: Caching catalog for baz.foo.bar
Info: Applying configuration version 'ea40e02a'
<...doing my changes...>
Notice: Applied catalog in 3.05 seconds
root@baz:~#

But if I add a augeas call - for example:

  augeas { '/etc/default/puppet: enable puppet daemon':
    changes => [
      'set /files/etc/default/puppet/START yes',
      ],
  }

...then puppet-agent immediately bail with "Error: Failed to apply catalog: Resource type 'Augeas' was not found".

Additional Context

Package: puppet-agent Version: 7.23.0-1


The homepage for augeas_core (https://forge.puppet.com/modules/puppetlabs/augeas_core/readme) says:

Setup Requirements: The augeas libraries and ruby bindings must be installed in order to use this module. If you are using puppet-agent packages, then those prerequisites are already satisfied for most platforms.

So for Debian 12, that last sentence don't really apply right now.

To make puppet-agent work the way I'm used to, I currently have to run:

apt install puppet-module-puppetlabs-augeas-core
ln -s /usr/share/puppet/modules.available/puppetlabs-augeas-core /usr/share/puppet/vendor_modules/
apt install puppet-module-puppetlabs-sshkeys-core
ln -s /usr/share/puppet/modules.available/puppetlabs-sshkeys-core /usr/share/puppet/vendor_modules/
...and so on...

I guess you should do something like the following to solve this issue:

1 In the puppet-agent .deb package, perhaps you should add those core modules (like puppet-module-puppetlabs-augeas-core) as Depends.

Ok, now the module is installed, but this is not enough. Because even though puppet module list show that it is installed...

root@baz:~# puppet module list
/usr/share/puppet/modules
└── puppetlabs-augeas_core (v1.1.2)

...apparently it is not found since we get the "'Augeas' was not found" message.

2 I assume the module "registration" is done correctly when the above package is installed (it is located here: /usr/share/puppet/modules/augeas_core -> /etc/alternatives/puppet-module-augeas-core -> /usr/share/puppet/modules.available/puppetlabs-augeas-core).

So the bug must be in 'puppet-agent'. It need to be fixed to find and use the installed module somehow. Exactly how is up to you. Using the vendor_modules dir is just my workaround.

joshcooper commented 8 months ago

@elofu17 please do not file tickets against Debian maintained puppet-agent package here. We do not support Debian 12 yet, so I'm going to close this. Follow https://github.com/puppetlabs/puppet/issues/9149 for updates.

joshcooper commented 8 months ago

It looks like the issue with core modules missing from Debian maintained puppet-agent packages is already filed as https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056355

elofu17 commented 8 months ago

Ah! Sorry, I didn't realize they are two separate projects.

Thanks. Yes, 1056355 looks like the same bug I reported here.

Question: Why are there a Debian maintained version as well as a puppetlabs maintained version? (and the two are non-compatible) What are the pros/cons? I.e. which one should I use on all future Debian 12, 13, 14... machines?