From 2e0181142bc3ce8d6945c83ff43a78b7436244e2 Mon Sep 17 00:00:00 2001
From: Nick Walker <nick.walker@puppetlabs.com>
Date: Fri, 14 Aug 2015 12:01:30 -0700
Subject: Add puppet-master.yaml to hieradata

I need a way to tune my VMs to use less memory and this allows
me to do that.
---
 hieradata/nodes/puppet-master.yaml | 42 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 hieradata/nodes/puppet-master.yaml

(limited to 'hieradata/nodes')

diff --git a/hieradata/nodes/puppet-master.yaml b/hieradata/nodes/puppet-master.yaml
new file mode 100644
index 0000000..ba1a8ad
--- /dev/null
+++ b/hieradata/nodes/puppet-master.yaml
@@ -0,0 +1,42 @@
+#These setting are intended for low memory testing VMs
+#Not intended for general usage
+---
+#Drop puppetdb Java Heap Size
+#PE3.2 and above
+pe_puppetdb::pe::java_args:
+  -Xmx: '256m'
+  -Xms: '64m'
+#PE3.1 and below
+pe_puppetdb::java_args:
+  -Xmx: '256m'
+  -Xms: '64m'
+#Drop the activemq java heap size
+pe_mcollective::role::master::activemq_heap_mb: '96'
+#Allow access to the puppetdb performance dashboard from non-localhost
+#This is insecure and also allows access to all API endpoints without verification
+pe_puppetdb::pe::listen_address: '0.0.0.0'
+
+#PE3.7+
+#Allow access to the puppetdb performance dashboard from non-localhost
+#This is insecure and also allows access to all API endpoints without verification
+puppet_enterprise::profile::puppetdb::listen_address: '0.0.0.0'
+puppet_enterprise::profile::amq::broker::heap_mb: '96'
+puppet_enterprise::profile::master::java_args:
+  Xmx: '128m'
+  Xms: '128m'
+  'XX:MaxPermSize': '=96m'
+  'XX:PermSize': '=64m'
+puppet_enterprise::profile::puppetdb::java_args:
+  Xmx: '64m'
+  Xms: '64m'
+  'XX:MaxPermSize': '=96m'
+  'XX:PermSize': '=64m'
+puppet_enterprise::profile::console::java_args:
+  Xmx: '64m'
+  Xms: '64m'
+  'XX:MaxPermSize': '=96m'
+  'XX:PermSize': '=64m'
+puppet_enterprise::master::puppetserver::jruby_max_active_instances: 1  #PE3.7.2 only
+puppet_enterprise::profile::console::delayed_job_workers: 1
+#shared_buffers takes affect during install but is not managed after
+puppet_enterprise::profile::database::shared_buffers: '4MB'
-- 
cgit v1.2.3


From 0af9bbf52d7283902141f05da3c642dcd2d64231 Mon Sep 17 00:00:00 2001
From: Nick Walker <nick.walker@puppetlabs.com>
Date: Tue, 18 Aug 2015 14:01:20 -0700
Subject: Move some hieradata around for easier testing in vagrant

I now have a virtual hierarchy level for setting up my lower memory
settings when using vagrant/virtualbox.

The gms settings are in an example-puppet-master.yaml file in the
nodes directory which are needed for the instructions.
---
 hieradata/nodes/example-puppet-master.yaml |  4 +++
 hieradata/nodes/puppet-master.yaml         | 42 ------------------------------
 hieradata/virtual/virtualbox.yaml          | 42 ++++++++++++++++++++++++++++++
 site/profile/manifests/puppetmaster.pp     |  1 +
 4 files changed, 47 insertions(+), 42 deletions(-)
 create mode 100644 hieradata/nodes/example-puppet-master.yaml
 delete mode 100644 hieradata/nodes/puppet-master.yaml
 create mode 100644 hieradata/virtual/virtualbox.yaml

(limited to 'hieradata/nodes')

diff --git a/hieradata/nodes/example-puppet-master.yaml b/hieradata/nodes/example-puppet-master.yaml
new file mode 100644
index 0000000..677e10d
--- /dev/null
+++ b/hieradata/nodes/example-puppet-master.yaml
@@ -0,0 +1,4 @@
+---
+git_management_system: 'gitlab'
+gms_server_url: 'https://gitlab-server'
+gms_api_token: 'BDkZfWWnk4LVTLHdAywd'
diff --git a/hieradata/nodes/puppet-master.yaml b/hieradata/nodes/puppet-master.yaml
deleted file mode 100644
index ba1a8ad..0000000
--- a/hieradata/nodes/puppet-master.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-#These setting are intended for low memory testing VMs
-#Not intended for general usage
----
-#Drop puppetdb Java Heap Size
-#PE3.2 and above
-pe_puppetdb::pe::java_args:
-  -Xmx: '256m'
-  -Xms: '64m'
-#PE3.1 and below
-pe_puppetdb::java_args:
-  -Xmx: '256m'
-  -Xms: '64m'
-#Drop the activemq java heap size
-pe_mcollective::role::master::activemq_heap_mb: '96'
-#Allow access to the puppetdb performance dashboard from non-localhost
-#This is insecure and also allows access to all API endpoints without verification
-pe_puppetdb::pe::listen_address: '0.0.0.0'
-
-#PE3.7+
-#Allow access to the puppetdb performance dashboard from non-localhost
-#This is insecure and also allows access to all API endpoints without verification
-puppet_enterprise::profile::puppetdb::listen_address: '0.0.0.0'
-puppet_enterprise::profile::amq::broker::heap_mb: '96'
-puppet_enterprise::profile::master::java_args:
-  Xmx: '128m'
-  Xms: '128m'
-  'XX:MaxPermSize': '=96m'
-  'XX:PermSize': '=64m'
-puppet_enterprise::profile::puppetdb::java_args:
-  Xmx: '64m'
-  Xms: '64m'
-  'XX:MaxPermSize': '=96m'
-  'XX:PermSize': '=64m'
-puppet_enterprise::profile::console::java_args:
-  Xmx: '64m'
-  Xms: '64m'
-  'XX:MaxPermSize': '=96m'
-  'XX:PermSize': '=64m'
-puppet_enterprise::master::puppetserver::jruby_max_active_instances: 1  #PE3.7.2 only
-puppet_enterprise::profile::console::delayed_job_workers: 1
-#shared_buffers takes affect during install but is not managed after
-puppet_enterprise::profile::database::shared_buffers: '4MB'
diff --git a/hieradata/virtual/virtualbox.yaml b/hieradata/virtual/virtualbox.yaml
new file mode 100644
index 0000000..ba1a8ad
--- /dev/null
+++ b/hieradata/virtual/virtualbox.yaml
@@ -0,0 +1,42 @@
+#These setting are intended for low memory testing VMs
+#Not intended for general usage
+---
+#Drop puppetdb Java Heap Size
+#PE3.2 and above
+pe_puppetdb::pe::java_args:
+  -Xmx: '256m'
+  -Xms: '64m'
+#PE3.1 and below
+pe_puppetdb::java_args:
+  -Xmx: '256m'
+  -Xms: '64m'
+#Drop the activemq java heap size
+pe_mcollective::role::master::activemq_heap_mb: '96'
+#Allow access to the puppetdb performance dashboard from non-localhost
+#This is insecure and also allows access to all API endpoints without verification
+pe_puppetdb::pe::listen_address: '0.0.0.0'
+
+#PE3.7+
+#Allow access to the puppetdb performance dashboard from non-localhost
+#This is insecure and also allows access to all API endpoints without verification
+puppet_enterprise::profile::puppetdb::listen_address: '0.0.0.0'
+puppet_enterprise::profile::amq::broker::heap_mb: '96'
+puppet_enterprise::profile::master::java_args:
+  Xmx: '128m'
+  Xms: '128m'
+  'XX:MaxPermSize': '=96m'
+  'XX:PermSize': '=64m'
+puppet_enterprise::profile::puppetdb::java_args:
+  Xmx: '64m'
+  Xms: '64m'
+  'XX:MaxPermSize': '=96m'
+  'XX:PermSize': '=64m'
+puppet_enterprise::profile::console::java_args:
+  Xmx: '64m'
+  Xms: '64m'
+  'XX:MaxPermSize': '=96m'
+  'XX:PermSize': '=64m'
+puppet_enterprise::master::puppetserver::jruby_max_active_instances: 1  #PE3.7.2 only
+puppet_enterprise::profile::console::delayed_job_workers: 1
+#shared_buffers takes affect during install but is not managed after
+puppet_enterprise::profile::database::shared_buffers: '4MB'
diff --git a/site/profile/manifests/puppetmaster.pp b/site/profile/manifests/puppetmaster.pp
index 20a4416..95a4408 100644
--- a/site/profile/manifests/puppetmaster.pp
+++ b/site/profile/manifests/puppetmaster.pp
@@ -2,6 +2,7 @@ class profile::puppetmaster {
 
   class { 'hiera':
     hierarchy  => [
+      'virtual/%{::virtual}',
       'nodes/%{::trusted.certname}',
       'common',
     ],
-- 
cgit v1.2.3


From 92f8d2d251d9e6fde5c124cb9a6974b1455269f7 Mon Sep 17 00:00:00 2001
From: Nick Walker <nick.walker@puppetlabs.com>
Date: Mon, 26 Oct 2015 14:59:20 -0700
Subject: Configure the MoM to update the classifier after deploying code

This entailed configring the classifier to never sync on a
schedule.

Changing environment_timeout to unlimited for all masters.

Setting a postrun command for r10k that would update the class
information in the classifier (the update-classes endpoint).
---
 hieradata/common.yaml                             |  5 +++++
 hieradata/nodes/example-puppet-master.yaml        |  4 ++++
 site/profile/files/puppetmaster/update-classes.sh | 11 +++++++++++
 site/profile/manifests/puppetmaster.pp            | 16 ++++++++++++++++
 4 files changed, 36 insertions(+)
 create mode 100644 site/profile/files/puppetmaster/update-classes.sh

(limited to 'hieradata/nodes')

diff --git a/hieradata/common.yaml b/hieradata/common.yaml
index 07fbd80..f3fb25a 100644
--- a/hieradata/common.yaml
+++ b/hieradata/common.yaml
@@ -3,3 +3,8 @@ message: "This node is using common data"
 
 #Puppet Server Tuning
 puppet_enterprise::master::puppetserver::jruby_max_requests_per_instance: 10000
+
+#pe-console-services tuning
+#https://docs.puppetlabs.com/pe/latest/console_config.html#tuning-the-classifier-synchronization-period
+#disable classifier scheduled sync and rely on r10k postrun command to sync the classes
+puppet_enterprise::profile::consolei::classifier_synchronization_period: 0
diff --git a/hieradata/nodes/example-puppet-master.yaml b/hieradata/nodes/example-puppet-master.yaml
index 677e10d..584faac 100644
--- a/hieradata/nodes/example-puppet-master.yaml
+++ b/hieradata/nodes/example-puppet-master.yaml
@@ -2,3 +2,7 @@
 git_management_system: 'gitlab'
 gms_server_url: 'https://gitlab-server'
 gms_api_token: 'BDkZfWWnk4LVTLHdAywd'
+
+#setup r10k to update classes in the console after code deploy
+pe_r10k::postrun:
+ - '/usr/local/bin/update-classes.sh'
diff --git a/site/profile/files/puppetmaster/update-classes.sh b/site/profile/files/puppetmaster/update-classes.sh
new file mode 100644
index 0000000..dea10a9
--- /dev/null
+++ b/site/profile/files/puppetmaster/update-classes.sh
@@ -0,0 +1,11 @@
+#https://docs.puppetlabs.com/pe/latest/nc_update_classes.html#post-v1update-classes
+
+CONFDIR=$(puppet master --configprint confdir)
+
+CERT=$(puppet master   --confdir ${CONFDIR} --configprint hostcert)
+CACERT=$(puppet master --confdir ${CONFDIR} --configprint localcacert)
+PRVKEY=$(puppet master --confdir ${CONFDIR} --configprint hostprivkey)
+OPTIONS="--cert ${CERT} --cacert ${CACERT} --key ${PRVKEY}"
+CONSOLE=$(awk '/server =/{print $NF}' ${CONFDIR}/console.conf)
+
+curl -k -X POST ${OPTIONS} "https://${CONSOLE}:4433/classifier-api/v1/update-classes"
diff --git a/site/profile/manifests/puppetmaster.pp b/site/profile/manifests/puppetmaster.pp
index bc52d3b..687b957 100644
--- a/site/profile/manifests/puppetmaster.pp
+++ b/site/profile/manifests/puppetmaster.pp
@@ -48,4 +48,20 @@ class profile::puppetmaster {
   }
   #END - Add deploy key and webhook to git management system
 
+  #Lay down update-classes.sh for use in r10k postrun_command
+  #This is configured via the pe_r10k::postrun key in hiera
+  file { '/usr/local/bin/update-classes.sh' :
+    ensure => file,
+    source => 'puppet::///modules/profile/puppetmaster/update-classes.sh',
+  }
+
+  #https://docs.puppetlabs.com/puppet/latest/reference/config_file_environment.html#environmenttimeout
+  ini_setting { "environment_timeout = unlimited":
+    ensure  => present,
+    path    => '/etc/puppetlabs/puppet/puppet.conf',
+    section => 'main',
+    setting => 'environment_timeout',
+    value   => 'unlimited',
+  }
+
 }
-- 
cgit v1.2.3