seveas / yum_plugin_puppet

MIT License
11 stars 1 forks source link

Close puppet-yum integration

By default, yum and puppet interact in a rather suboptimal way. This project aims to improve that drastically by making them much more aware of each other. Using a custom puppet provider for packages, and a yum plugin for puppet interaction, puppet runs become more reliable and (when using lots of rpms) a lot faster as well.

How do you use it?

First copy this directory over to your modules directory. Then add this to site.pp:

Package{ provider => 'yum3' }

You also need to make sure the module is actually used, or else the yum plugin will not be installed. A last prerequisite is that the yum package should be managed with puppet, so the provider can get a grip on the catalog.

As an example, here is how I configure it:

This looks like the following:

manifests/site.pp

...
include "nodes.pp"
...

manifests/nodes.pp

...
node some-server.example.com {
    ...
    include s_example_service
}
...

modules/s_example_service/manifests/init.pp

class s_example_service {
    ...
    include base::common
}

modules/base/manifests/init.pp

class base::common {
    ...
    include yum
    include yum_plugin_puppet
    ...
}

modules/yum/manifests/init.pp

class yum {
    ...
    package{"yum":
        ensure => latest;
    }
    ...
}

What does it change?

The biggest change is in the way puppet installs packages. Instead of doing them one by one, it installs/removes most packages in one call to yum. At the start of a puppet run, the provider walks the dependency graph and collects a list of packages that have no puppet dependencies other than packages that don't have any dependencies (etc...). It then calls yum once to install/remove all of these.

Besides speeding up puppet runs, this also avoids version flapping. Imagine the following manifest:

package{"some-package":
    ensure => latest
}
package{"some-other-package":
    ensure => "1.0-1"
}

If the latest version of some-package has an RPM dependency on version 2.0 of some-other-package, alternate puppet runs will keep upgrading and downgrading some-other-package. With this provider that's impossible.

The provider will also install the yum plugin and its configuration, bypassing the dependency graph.

The yum plugin changes a few things:

TODO