ReleaseEngineering/PuppetAgain/HowTo/Set up a user environment
Approved people have SSH logins on all puppet masters and a puppet environment at /etc/puppet/environments/$username.
You can use this environment to do your development.
Contents
Common
On the master machine
In general, you'll want to clone https://github.com/mozilla/build-puppet at /etc/puppet/environments/$USER. You can use git if you'd like, doesn't matter. Then link in the config and nodes for the org you're working with; for moco, that's:
cd /etc/puppet/environments/$USER/manifests ln -s moco-config.pp config.pp ln -s moco-nodes.pp nodes.pp
On the worker node(s)
Next, you can run puppet agent on a worker and tell it to use your environment on the server you've selected:
$ su - # puppet agent --test --server=releng-puppet2.srv.releng.mdc1.mozilla.com --environment=dmitchell
On a mac worker, on the first run you will have to specify the ssl dir. For example:
$ su - # puppet agent --test --server=releng-puppet2.srv.releng.mdc1.mozilla.com --environment=kmoir --pluginsync --ssldir=/var/lib/puppet/ssl
Secrets (back on master node)
Note that your secrets will come from the same Hiera datasource as everything else. You can override secrets for your env only in /etc/hiera/environments/<yourname>_secrets.eyaml.
Problems
The most common problem that you'll see is that your version control system will helpfully make the files in your repository not world-readable, and in particular preclude puppet from reading them.
This will result in this error message when try to run puppet on your worker "Could not parse for environment $yourid: Permission denied" in /etc/puppet/environments/$yourid
find . -type f | xargs chmod o+r find . -type d | xargs chmod o+rx
This should not be a problem anymore - puppet is now a member of each user's group, so it should be able to read the repository with the 'g' permissions. Please file bugs or contact dustin for any permissions problems.
Pinning
If you want to make a node use your environment on every run (e.g., for workers that run puppet at boot), you can "pin" the host to your environment. Edit the node definition like this:
node "hostname" { # the pins must come *before* the toplevel include $pin_puppet_server = "releng-puppet2.srv.releng.mdc1.mozilla.com" $pin_puppet_env = "dmitchell" include toplevel::slave::releng::build }
This will result in a puppet.conf on the client that specifies the server and environment.
Git
If you're using git, set things up as follows:
cd /etc/puppet/environments/$USER git init
edit .git/config, and add
sharedRepository = 0644
to the [core] section. Then clone a copy of the git repository (e.g., from http://github.com/mozilla/build-puppet), and start hacking.
git remote add mozilla git@github.com:mozilla/build-puppet.git git fetch mozilla git reset --hard mozilla/master