puppetlabs / puppetlabs-node_manager

Create and manage PE node groups as resources.
Apache License 2.0

Fixes for `bolt apply` #43

Closed reidmv closed 5 years ago

reidmv commented 5 years ago

This PR improves node_manager's ability to locate and use Puppet certificate files, when necessary, including in the circumstance that Puppet.settings[] do not hold any valid values.

This is needed to allow node_manager to work when used with bolt apply. When Bolt performs an apply Puppet run, it invokes Puppet on the target system with a temporary, isolated confdir. Thus, normal Puppet.settings[] values are unavailable.

WhatsARanjit commented 5 years ago

@reidmv So Bolt isn't able to read PE's settings in order to make changes. Is this also true when using PXP for transport?

reidmv commented 5 years ago

@WhatsARanjit It's less that Bolt isn't able to, and more that Bolt intentionally, by design, doesn't. Not in the specific case when Bolt is being used to apply manifest blocks to a target system.

Because this is by design, if it wasn't true when using the PCP transport, that would be considered a bug in Bolt.

reidmv commented 5 years ago

The use case this is looking to enable is to let this kind of action work correctly:

```
[centos@jumpbox ~]$ ls -1F
bolt.yaml
modules/
[centos@jumpbox ~]$ puppet module install WhatsARanjit-node_manager --modulepath=modules
[centos@jumpbox ~]$ bolt apply -e 'node_group { "test": ensure => present; }' --nodes test-01.dev5.puppet.vm
```

WhatsARanjit commented 5 years ago

My understanding is that bolt apply creates a sandbox on the target system, so the values of Puppet.settings[] are the sandbox's values, not the system's values. This seems like an item that can affect any module. So treating the symptoms on a module-level might be hardcoding values into a module, but I think overall Bolt as a tool can provide a better way of doing this.

WhatsARanjit commented 5 years ago

@reidmv To resurface this, you can use the T/P or face directly from any system running Puppet (even a system not involved in the same Puppet-ecosystem) by adding a node_manager.yaml file: https://github.com/WhatsARanjit/puppet-node_manager#remote-client-or-custom-information

Also, for systems not running Puppet, the "puppet-less" provider is available: https://github.com/WhatsARanjit/puppet-node_manager/tree/master/scripts

Is this helpful?

reidmv commented 5 years ago

@WhatsARanjit the node_manager.yaml file is probably a decent workaround. In a Bolt plan a user could first lay down such a file, before invoking any Node_group resources.

I'll close this PR. Thanks!