All of cloud vps is being upgraded to puppet7 with new puppet infra. Each puppetmaster needs to be replaced with a version 7 puppetmaster, and then VMs upgraded to puppet7.
Your project contains the following v5 puppetmaster:
mailman-puppetmaster.mailman.eqiad1.wikimedia.cloud
Please take a moment to consider whether or not you stlil need this project puppetmaster. If you do, migrate with the following steps. Do not hesitate to ask for help from @Andrew or @taavi on IRC if you run into trouble.
In order to migrate:
- Make sure you have available quota to create a new g3.cores1.ram2.disk20 VM. If you need more space please open a quota ticket.
- Create a 5GB cinder volume (named <projectname>-puppetserver or similar) and mount it as /srv on the existing puppetmaster. Them on the existing puppetmaster:
$ sudo cp -a /var/lib/git /srv $ mkdir /srv/puppet $ sudo cp -a /var/lib/puppet/server /srv/puppet
- Unmount and detach the cinder volume
- Create a new VM for the v7 puppet server, using a flavor with at least 2GB of RAM and Debian Bookworm
- Mount the previously-created cinder volume at /srv on the new server
- Make the new VM a puppetserver by following directions at https://wikitech.wikimedia.org/wiki/Help:Project_puppetserver#Step_1:_Setup_a_puppetserver.
Puppet classes:
role::puppetserver::cloud_vps_project
hiera:
profile::puppet::agent::force_puppet7: true puppetmaster: puppet
- Adjust ownership on the new puppetserver:
$ sudo chown -R gitpuppet /srv/git; chgrp -R gitpuppet /srv/git $ sudo chown -R puppet /srv/puppet; chgrp -R puppet /srv/puppet $ sudo run-puppet-agent; sudo run-puppet-agent $ sudo systemctl restart puppetserver $ sudo puppetserver-deploy-code
- Assuming that puppet is now running cleanly on the new puppetserver, move existing VMs to the new host with the hiera setting
puppetmaster: <new puppetserver fqdn>
- Finally, update clients of the new puppetserver with the hiera setting
profile::puppet::agent::force_puppet7: true
Debian Buster hosts will complain about not being able to install puppet7 but the warning is harmless for now.