3 # Copyright 2013 OpenStack Foundation.
4 # Copyright 2013 Hewlett-Packard Development Company, L.P.
5 # Copyright 2013 Red Hat, Inc.
7 # Licensed under the Apache License, Version 2.0 (the "License"); you may
8 # not use this file except in compliance with the License. You may obtain
9 # a copy of the License at
11 # http://www.apache.org/licenses/LICENSE-2.0
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
16 # License for the specific language governing permissions and limitations
21 # Distro identification functions
22 # note, can't rely on lsb_release for these as we're bare-bones and
23 # it may not be installed yet)
27 [ -f /usr/bin/yum ] && cat /etc/*release | grep -q -e "Fedora"
31 [ -f /usr/bin/yum ] && \
32 cat /etc/*release | grep -q -e "Red Hat" -e "CentOS" -e "CloudLinux" && \
33 cat /etc/*release | grep -q 'release 7'
37 [ -f /usr/bin/apt-get ]
40 function is_opensuse {
41 [ -f /usr/bin/zypper ] && \
42 cat /etc/os-release | grep -q -e "openSUSE"
46 [ -f /usr/bin/emerge ]
49 # dnf is a drop-in replacement for yum on Fedora>=22
51 if is_fedora && [[ $(lsb_release -rs) -ge 22 ]]; then
57 # Distro specific puppet installs
60 function _systemd_update {
61 # there is a bug (rhbz#1261747) where systemd can fail to enable
62 # services due to selinux errors after upgrade. A work-around is
63 # to install the latest version of selinux and systemd here and
64 # restart the daemon for good measure after it is upgraded.
65 $YUM install -y selinux-policy
66 $YUM install -y systemd
67 systemctl daemon-reload
70 function setup_puppet_fedora {
75 # NOTE: we preinstall lsb_release here to ensure facter sets
78 # Fedora declares some global hardening flags, which distutils
79 # pick up when building python modules. redhat-rpm-config
80 # provides the required config options. Really this should be a
81 # dependency of python-devel (fix in the works, see
82 # https://bugzilla.redhat.com/show_bug.cgi?id=1217376) and can be
83 # removed when that is sorted out.
85 $YUM install -y redhat-lsb-core git puppet \
88 mkdir -p /etc/puppet/modules/
90 # Puppet expects the pip command named as pip-python on
91 # Fedora, as per the packaged command name. However, we're
92 # installing from get-pip.py so it's just 'pip'. An easy
93 # work-around is to just symlink pip-python to "fool" it.
95 # https://tickets.puppetlabs.com/browse/PUP-1082
96 ln -fs /usr/bin/pip /usr/bin/pip-python
97 # Wipe out templatedir so we don't get warnings about it
98 sed -i '/templatedir/d' /etc/puppet/puppet.conf
100 # upstream is currently looking for /run/systemd files to check
101 # for systemd. This fails in a chroot where /run isn't mounted
102 # (like when using dib). Comment out this confine as fedora
105 # https://github.com/puppetlabs/puppet/pull/4481
106 # https://bugzilla.redhat.com/show_bug.cgi?id=1254616
107 sudo sed -i.bak '/^[^#].*/ s|\(^.*confine :exists => \"/run/systemd/system\".*$\)|#\ \1|' \
108 /usr/share/ruby/vendor_ruby/puppet/provider/service/systemd.rb
110 # upstream "requests" pip package vendors urllib3 and chardet
111 # packages. The fedora packages un-vendor this, and symlink those
112 # sub-packages back to packaged versions. We get into a real mess
113 # of if some of the puppet ends up pulling in "requests" from pip,
114 # and then something like devstack does a "yum install
115 # python-requests" which does a very bad job at overwriting the
116 # pip-installed version (symlinks and existing directories don't
117 # mix). A solution is to pre-install the python-requests
118 # package; clear it out and re-install from pip. This way, the
119 # package is installed for dependencies, and we have a pip-managed
120 # requests with correctly vendored sub-packages.
121 sudo ${YUM} install -y python2-requests
122 sudo rm -rf /usr/lib/python2.7/site-packages/requests/*
123 sudo rm -rf /usr/lib/python2.7/site-packages/requests-*.{egg,dist}-info
124 sudo pip install requests
127 function setup_puppet_rhel7 {
128 local puppet_pkg="https://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm"
130 # install a bootstrap epel repo to install latest epel-release
131 # package (which provides correct gpg keys, etc); then remove
133 cat > /etc/yum.repos.d/epel-bootstrap.repo <<EOF
136 mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=epel-7&arch=\$basearch
137 failovermethod=priority
141 yum --enablerepo=epel-bootstrap -y install epel-release
142 rm -f /etc/yum.repos.d/epel-bootstrap.repo
147 # NOTE: we preinstall lsb_release to ensure facter sets lsbdistcodename
148 yum install -y redhat-lsb-core git puppet
152 # see comments in setup_puppet_fedora
153 ln -s /usr/bin/pip /usr/bin/pip-python
154 # Wipe out templatedir so we don't get warnings about it
155 sed -i '/templatedir/d' /etc/puppet/puppet.conf
157 # install RDO repo as well; this covers a few things like
158 # openvswitch that aren't available for EPEL
159 yum install -y https://rdoproject.org/repos/rdo-release.rpm
162 function setup_puppet_ubuntu {
163 if ! which lsb_release > /dev/null 2<&1 ; then
164 DEBIAN_FRONTEND=noninteractive apt-get --option 'Dpkg::Options::=--force-confold' \
165 --assume-yes install -y --force-yes lsb-release
168 lsbdistcodename=`lsb_release -c -s`
169 if [ $lsbdistcodename != 'trusty' ] ; then
180 cat > /etc/apt/preferences.d/00-puppet.pref <<EOF
181 Package: puppet puppet-common puppetmaster puppetmaster-common puppetmaster-passenger
182 Pin: version $PUPPET_VERSION
185 Package: puppetdb puppetdb-terminus
186 Pin: version $PUPPETDB_VERSION
190 Pin: version $FACTER_VERSION
194 # NOTE(pabelanger): Puppetlabs does not support ubuntu xenial. Instead use
195 # the version of puppet ship by xenial.
196 if [ $lsbdistcodename != 'xenial' ]; then
197 puppet_deb=puppetlabs-release-${lsbdistcodename}.deb
198 if type curl >/dev/null 2>&1; then
199 curl -O http://apt.puppetlabs.com/$puppet_deb
201 wget http://apt.puppetlabs.com/$puppet_deb -O $puppet_deb
208 DEBIAN_FRONTEND=noninteractive apt-get --option 'Dpkg::Options::=--force-confold' \
209 --assume-yes dist-upgrade
210 DEBIAN_FRONTEND=noninteractive apt-get --option 'Dpkg::Options::=--force-confold' \
211 --assume-yes install -y --force-yes puppet git $rubypkg
212 # Wipe out templatedir so we don't get warnings about it
213 sed -i '/templatedir/d' /etc/puppet/puppet.conf
216 function setup_puppet_opensuse {
217 local version=`grep -e "VERSION_ID" /etc/os-release | tr -d "\"" | cut -d "=" -f2`
218 zypper ar http://download.opensuse.org/repositories/systemsmanagement:/puppet/openSUSE_${version}/systemsmanagement:puppet.repo
219 zypper -v --gpg-auto-import-keys --no-gpg-checks -n ref
220 zypper --non-interactive in --force-resolution puppet
221 # Wipe out templatedir so we don't get warnings about it
222 sed -i '/templatedir/d' /etc/puppet/puppet.conf
225 function setup_puppet_gentoo {
226 echo yes | emaint sync -a
227 emerge -q --jobs=4 puppet-agent
228 sed -i '/templatedir/d' /etc/puppetlabs/puppet/puppet.conf
236 # Install pip using get-pip
237 local get_pip_url=https://bootstrap.pypa.io/get-pip.py
240 if [ -f ./get-pip.py ]; then
242 elif type curl >/dev/null 2>&1; then
245 elif type wget >/dev/null 2>&1; then
250 if [ $ret -ne 0 ]; then
251 echo "Failed to get get-pip.py"
256 zypper --non-interactive in --force-resolution python python-xml
262 # we are about to overwrite setuptools, but some packages we
263 # install later might depend on the python-setuptools package. To
264 # avoid later conflicts, and because distro packages don't include
265 # enough info for pip to certain it can fully uninstall the old
266 # package, for safety we clear it out by hand (this seems to have
267 # been a problem with very old to new updates, e.g. centos6 to
268 # current-era, but less so for smaller jumps). There is a bit of
269 # chicken-and-egg problem with pip in that it requires setuptools
270 # for some operations, such as wheel creation. But just
271 # installing setuptools shouldn't require setuptools itself, so we
272 # are safe for this small section.
273 if is_rhel7 || is_fedora; then
274 yum install -y python-setuptools
275 rm -rf /usr/lib/python2.7/site-packages/setuptools*
278 pip install -U setuptools
289 elif is_opensuse; then
290 setup_puppet_opensuse
294 echo "*** Can not setup puppet: distribution not recognized"