Page MenuHomePhabricator

Update gitlab-runners project puppetmaster
Closed, ResolvedPublic

Description

All of cloud vps is being upgraded to puppet7 with new puppet infra. Each puppetmaster needs to be replaced with a version 7 puppetmaster, and then VMs upgraded to puppet7.

Your project contains the following v5 puppetmaster:

gitlab-runners-puppetmaster-01.gitlab-runners.eqiad1.wikimedia.cloud

Please take a moment to consider whether or not you stlil need this project puppetmaster. If you do, migrate with the following steps. Do not hesitate to ask for help from @Andrew or @taavi on IRC if you run into trouble.

In order to migrate:

  1. Make sure you have available quota to create a new g3.cores1.ram2.disk20 VM. If you need more space please open a quota ticket.
  1. Create a 5GB cinder volume (named <projectname>-puppetserver or similar) and mount it as /srv on the existing puppetmaster. Them on the existing puppetmaster:
$ sudo cp -a /var/lib/git /srv
$ mkdir /srv/puppet
$ sudo cp -a /var/lib/puppet/server /srv/puppet
  1. Unmount and detach the cinder volume
  2. Create a new VM for the v7 puppet server, using a flavor with at least 2GB of RAM and Debian Bookworm
  3. Mount the previously-created cinder volume at /srv on the new server
  4. Make the new VM a puppetserver by following directions at https://wikitech.wikimedia.org/wiki/Help:Project_puppetserver#Step_1:_Setup_a_puppetserver.

Puppet classes:

role::puppetserver::cloud_vps_project

hiera:

profile::puppet::agent::force_puppet7: true
puppetmaster: puppet
  1. Adjust ownership on the new puppetserver:
$ sudo chown -R gitpuppet /srv/git; chgrp -R gitpuppet /srv/git
$ sudo chown -R puppet /srv/puppet; chgrp -R puppet /srv/puppet
$ sudo run-puppet-agent; sudo run-puppet-agent
$ sudo systemctl restart puppetserver
$ sudo puppetserver-deploy-code 
  1. Assuming that puppet is now running cleanly on the new puppetserver, move existing VMs to the new host with the hiera setting
puppetmaster: <new puppetserver fqdn>
  1. Finally, update clients of the new puppetserver with the hiera setting
profile::puppet::agent::force_puppet7: true

Debian Buster hosts will complain about not being able to install puppet7 but the warning is harmless for now.

Event Timeline

Andrew updated the task description. (Show Details)

This is done. The old puppetmaster (gitlab-runners-puppetmaster-01) is shut down; please confirm that you're happy with how things are working and then delete that VM and close this ticket. Thanks!

Jelto claimed this task.
Jelto triaged this task as Medium priority.

Thanks @Andrew !

The new puppetserver looks fine. I un-registered one runner (runner-1026.gitlab-runners.eqiad1.wikimedia.cloud) and re-registered and it looks good. Also the private profile::gitlab::runner::token is correct.

Thanks for the migration!