repos_ensure and version on RHEL 7

[bostrowski13]

This module doesn't seem to work on RHEL 7 after trying to spin up a new cluster this morning. Its been a while since we've had to do this, but I've grabbed the latest from this repo, and after updating my code and removing params that are deprecated, I'm now unable to get the server pulled down from package cloud and receiving the error...

"Error: Could not update: Execution of '/bin/yum -d 0 -e 0 -y install rabbitmq-server-3.6.11' returned 1: One of the configured repositories failed (rabbitmq_rabbitmq-server), and yum doesn't have enough cached data to continue." ... failure: repodata/repomd.xml from rabbitmq_rabbitmq-server: [Errno 256] No more mirrors to try. https://packagecloud.io/rabbitmq/rabbitmq-server/el/7Server/x86_64/repodata/repomd.xml: [Errno 14] HTTPS Error 404 - Not Found

Why is the rabbitmq repo not being used? The one at https://www.rabbitmq.com/releases/

You could use version, with package provider RPM, and specify the source as the rabbitmq.com repo...

    version                  => $rabbitmq_version,
    package_provider         => 'rpm',
    package_source           => "https://www.rabbitmq.com/releases/rabbitmq-server/v${rabbitmq_version}/rabbitmq-server-${rabbitmq_version}-1.el${$osmajversion}.noarch.rpm",

You could also do the same thing with erlang, which is also available on the rabbitmq.com repo...

package { 'erlang':
    ensure   => 'installed',
    source   => "https://www.rabbitmq.com/releases/erlang/erlang-${erlang_version}-1.el${osmajversion}.${distribution}.x86_64.rpm",
    provider => 'rpm'
}

i would think this could be put in place of the repo::rhel class and you'd get all of your dependencies without including any other modules.

Looking at https://github.com/voxpupuli/puppet-rabbitmq/pull/493, theres some confusion about which param to use to pin the version, which again, doesn't seem to work when using repos_ensure => true on RHEL 7.

[wyardley]

So at the time I started working on #493, the packagecloud repos were the "official" RabbitMQ repos from what I remember. They are still listed at: https://www.rabbitmq.com/install-rpm.html

I agree that it might be a good idea to switch to, say, https://www.rabbitmq.com/releases/rabbitmq-server/current/ if it actually supports being used as a yum repo - does that have the necessary data? I would just as soon not go back to setting $version and then using the rpm provider vs. the yum provider.

package_ensure would be the only way to pin to a specific version, and I think that was the only way before as well.

The current code works in the acceptance tests (which, admittedly, may not test with repos_ensure) and in my quick tests (even with repos_ensure set), can you let me know what package related settings you have configured? If you're trying to ensure a specific version and that version isn't yet in Packagecloud, that would be one obvious possible cause.

[bostrowski13]

so at the time I had implemented the manifest below, i was able to use "version" to pin v3.6.3, even though 3.6.6 was just released. Below is our implementation of the class. the cluster is 2 nodes, and we're attempting to use the latest version, 3.6.11.

class { '::rabbitmq':
    package_ensure           => $rabbitmq_version,
    repos_ensure             => true,
    service_manage           => true,
    delete_guest_user        => true,
    admin_enable             => true,
    config_cluster           => true,
    cluster_nodes            => $cluster_nodes,
    cluster_node_type        => 'disc',
    erlang_cookie            => $erlang_cookie,
    wipe_db_on_cookie_change => true,
    auth_backends            => [rabbit_auth_backend_internal],
    tcp_backlog              => 512,
    default_user             => $default_username,
    default_pass             => $default_password,
    config_variables         => {
        'log_levels'               => '[{connection,info},{channel,info}]',
        'vm_memory_high_watermark' => 0.75,
        'handshake_timeout'        => 30000,
        'ssl_handshake_timeout'    => 10000,
    },
    ssl                      => true,
    ssl_only                 => true,
    ssl_port                 => '5671',
    ssl_versions             => ['tlsv1.2', 'tlsv1.1'],
    ssl_cacert               => '/etc/rabbitmq/ssl/chain.pem',
    ssl_cert                 => '/etc/rabbitmq/ssl/envcert.pem',
    ssl_key                  => '/etc/rabbitmq/ssl/envcert.key',
    ssl_interface            => $::ipaddress,
    ssl_fail_if_no_peer_cert => false,
    management_ssl           => false,
    ssl_depth                => 2,
    ssl_cert_password        => $ssl_cert_password,
    require                  => Package['erlang','socat']
}

[bostrowski13]

I would add that I didn't know that packagecloud was their repo, and I'm totally cool in using that. It just seems broken with the .11 release, given that yum seems to think its missing the "repomd" file.

[bostrowski13]

I think this is a URL issue now that I'm looking more closely at this.

Incorrect URL in error message (look at "7Server" after "el" and before the architecture value): https://packagecloud.io/rabbitmq/rabbitmq-server/el/7Server/x86_64/repodata/repomd.xml:

Proper URL that returns XML for RHEL 6 and 7... https://packagecloud.io/rabbitmq/rabbitmq-server/el/6/x86_64/repodata/repomd.xml https://packagecloud.io/rabbitmq/rabbitmq-server/el/7/x86_64/repodata/repomd.xml

looking at the rhel.pp manifest, it looks like the base URL is defined as...

$location       = 'https://packagecloud.io/rabbitmq/rabbitmq-server/el/$releasever/$basearch',

which should evaluate to https://packagecloud.io/rabbitmq/rabbitmq-server/el/7/x86_64

based on the following facts of the target OS...

os => {
  architecture => "x86_64",
  family => "RedHat",
  hardware => "x86_64",
  name => "RedHat",
  release => {
    full => "7.4",
    major => "7",
    minor => "4"
  },

so i'm not sure where "Server" is coming from in that URL that is in the error message.

I've also tried removing "rabbitmq_rabbitmq-server.repo" from "/etc/yum.repos.d" and received the same error again.

[bostrowski13]

Contents of the "rabbitmq_rabbitmq-server.repo" file...

[rabbitmq_rabbitmq-server]
baseurl=https://packagecloud.io/rabbitmq/rabbitmq-server/el/$releasever/$basearch
enabled=1
gpgkey=https://www.rabbitmq.com/rabbitmq-release-signing-key.asc

[wyardley]

So this makes sense to me now, should have realized that before.

With RHEL (vs CentOS), there's a difference between Client / Server version of the OS, and $releasevar and $basearch are variables that get interpolated by yum, vs. literal variables in the Puppet manifest. So the simple fix for this is probably to use ${::os['release']['major']} or similar (interpolated) in the yum repo declaration.

I can come up with a simple patch that should fix pretty quickly, however, because of the structural maintenance ongoing with transitioning the module to Voxpupuli, it may take a little to get a fix for this merged.

[ps - I very slightly edited your posts to wrap the code blocks in backticks]

[wyardley]

This is against a PR that's not yet merged, I think the actual changes here may fix your problem if you want to test (still need to run acceptance tests on it and do some manual testing). https://github.com/wyardley/puppet-rabbitmq/tree/fix_rhel_repo_path

I will also try to (at some point) add an acceptance test for repos_ensure.

You're right that if you set the $version before when using the old method of installation, it would work. The problem is that the $version param is kind of confusing when it doesn't affect installation by package, and could then cause situations where $version was set to one thing, but the installed package was a different version.

[wyardley]

Can you see if that fix works for you? I think it will work based on running this manually inside the acceptance test beaker container, however, still CentOS not RHEL.

[root@centos-7-x64 tmp]# puppet apply /tmp/apply_manifest.pp.44FF1S
Warning: /etc/puppetlabs/puppet/hiera.yaml: Use of 'hiera.yaml' version 3 is deprecated. It should be converted to version 5
   (in /etc/puppetlabs/puppet/hiera.yaml)
Warning: This method is deprecated, please use the stdlib validate_legacy function, with Pattern[]. There is further documentation for validate_legacy function in the README. at ["/etc/puppetlabs/code/modules/rabbitmq/manifests/init.pp", 95]:
   (at /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:25:in `deprecation')
Notice: Compiled catalog for centos-7-x64.axsops.net in environment production in 0.51 seconds
Notice: /Stage[main]/Rabbitmq::Repo::Rhel/Yumrepo[rabbitmq]/ensure: created
Notice: /Stage[main]/Rabbitmq::Repo::Rhel/Exec[rpm --import https://www.rabbitmq.com/rabbitmq-release-signing-key.asc]/returns: executed successfully
Notice: /Stage[main]/Rabbitmq::Install/Package[rabbitmq-server]/ensure: created
Notice: /Stage[main]/Rabbitmq::Config/File[/etc/rabbitmq]/group: group changed 'rabbitmq' to 'root'
Notice: /Stage[main]/Rabbitmq::Config/File[/etc/rabbitmq]/mode: mode changed '2750' to '0755'
Notice: /Stage[main]/Rabbitmq::Config/File[rabbitmq.config]/ensure: defined content as '{md5}9e960c789346c36bb61a5274bc6954de'
Notice: /Stage[main]/Rabbitmq::Service/Service[rabbitmq-server]/ensure: ensure changed 'stopped' to 'running'
Notice: Applied catalog in 8.27 seconds
[root@centos-7-x64 tmp]# rpm -qi rabbitmq-server
Name        : rabbitmq-server
Version     : 3.6.11
Release     : 1.el7
Architecture: noarch
Install Date: Wed 30 Aug 2017 06:06:44 PM UTC
Group       : Development/Libraries
Size        : 5697173
License     : MPLv1.1 and MIT and ASL 2.0 and BSD
Signature   : RSA/SHA512, Wed 16 Aug 2017 12:11:42 PM UTC, Key ID 6b73a36e6026dfca
Source RPM  : rabbitmq-server-3.6.11-1.el7.src.rpm
Build Date  : Wed 16 Aug 2017 12:11:41 PM UTC
Build Host  : rabbit-releasebuild-debian.haas-40.pez.pivotal.io
Relocations : (not relocatable)
URL         : http://www.rabbitmq.com/
Summary     : The RabbitMQ server
Description :
RabbitMQ is an open source multi-protocol messaging broker.
[root@centos-7-x64 tmp]# cat /etc/yum.repos.d/rabbitmq_rabbitmq-server.repo 
[rabbitmq_rabbitmq-server]
baseurl=https://packagecloud.io/rabbitmq/rabbitmq-server/el/7/$basearch
enabled=1
gpgkey=https://www.rabbitmq.com/rabbitmq-release-signing-key.asc

[wyardley]

@bostrowski13 #577 is merged if you want to test.

[bostrowski13]

@wyardley thanks! i didn't get a chance yesterday but will do so this morning.

[bostrowski13]

works like a charm now.

# cat /etc/yum.repos.d/rabbitmq_rabbitmq-server.repo
[rabbitmq_rabbitmq-server]
baseurl=https://packagecloud.io/rabbitmq/rabbitmq-server/el/7/$basearch
enabled=1
gpgcheck=1
gpgkey=https://www.rabbitmq.com/rabbitmq-release-signing-key.asc

Thanks for the quick response and working with me on this!

[wyardley]

closing via #577