puppet-tripleo/manifests/packages.pp
Michele Baldessari 4949257038 noop package installations inside containers
While deploying on a rhel8 os beta + pure f28 containers we noticed that
during docker-puppet or during docker-puppet-apply.sh dnf is invoked to
install packages (in this case it was specifically MySQL-python).

It makes zero sense to install packages inside a container because if
you don't commit the container the content will be lost at restart
anyway and so the installed package will be missing anyway.

root 60586 0.0 0.0 13948 2936 ? Ss 15:29 0:00 \_ /bin/bash /var/lib/docker-puppet/docker-puppet.sh
root 60623 6.8 0.7 366532 118236 ? Sl 15:29 0:04 \_ /usr/bin/ruby-mri /usr/bin/puppet apply --summarize --detailed-exitcodes --color=false --logdest syslog --logdest console --modulepath=/etc/puppet/modules:/usr/share/openstack-puppet/modules --tags file,file_line,concat,augeas,cron,cinder_config,cinder_type,file,concat,file_line /etc/config.pp
root 60879 24.1 0.8 613968 137800 ? Ss 15:29 0:11 \_ /usr/bin/python3 /usr/bin/dnf -d 0 -e 1 -y install MySQL-python

The packages *must* be preinstalled in the container images all the
time, assuming we can invoke yum/dnf inside the container makes little
sense.
The reason for this is that this hiera key should not have any effect
inside a container:
[root@win1 hieradata]# hiera -c /etc/puppet/hiera.yaml tripleo::packages::enable_install
true

Tested this change by redeploying a standalone env (which forces package
installation to true) and observed no dnf calls like the ones described
above.

Change-Id: I2bd247af2b54f3a834cdc8a2f253600527c7acd8
Closes-Bug: #1812923
2019-01-26 11:19:17 +01:00

61 lines
1.8 KiB
Puppet

# Copyright 2015 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# == Class: tripleo::packages
#
# Configure package installation/upgrade defaults.
#
# === Parameters:
#
# [*enable_install*]
# Whether to enable package installation via Puppet.
# Defaults to false
#
# [*enable_upgrade*]
# Upgrades all puppet managed packages to latest.
# Defaults to false
#
class tripleo::packages (
$enable_install = false,
$enable_upgrade = false,
) {
# required for stages
include ::stdlib
# if both enable_install and enabled_upgrade are false *or* if we're in containers we noop package installations
if (!str2bool($enable_install) and !str2bool($enable_upgrade)) or $::deployment_type == 'containers' {
case $::osfamily {
'RedHat': {
Package <| |> { provider => 'norpm' }
}
default: {
warning('enable_install option not supported for this distro.')
}
}
}
if str2bool($enable_upgrade) {
Package <| |> { ensure => 'latest' }
# Running the package upgrade before managing Services in the main stage.
# So we're sure that services will be able to restart with the new version
# of the package.
ensure_resource('class', 'tripleo::packages::upgrades', {
'stage' => 'setup',
})
}
}