Page MenuHomePhabricator

Update mailman project puppetmaster
Closed, ResolvedPublic


All of cloud vps is being upgraded to puppet7 with new puppet infra. Each puppetmaster needs to be replaced with a version 7 puppetmaster, and then VMs upgraded to puppet7.

Your project contains the following v5 puppetmaster:

Please take a moment to consider whether or not you stlil need this project puppetmaster. If you do, migrate with the following steps. Do not hesitate to ask for help from @Andrew or @taavi on IRC if you run into trouble.

In order to migrate:

  1. Make sure you have available quota to create a new g3.cores1.ram2.disk20 VM. If you need more space please open a quota ticket.
  1. Create a 5GB cinder volume (named <projectname>-puppetserver or similar) and mount it as /srv on the existing puppetmaster. Them on the existing puppetmaster:
$ sudo cp -a /var/lib/git /srv
$ mkdir /srv/puppet
$ sudo cp -a /var/lib/puppet/server /srv/puppet
  1. Unmount and detach the cinder volume
  2. Create a new VM for the v7 puppet server, using a flavor with at least 2GB of RAM and Debian Bookworm
  3. Mount the previously-created cinder volume at /srv on the new server
  4. Make the new VM a puppetserver by following directions at

Puppet classes:



profile::puppet::agent::force_puppet7: true
puppetmaster: puppet
  1. Adjust ownership on the new puppetserver:
$ sudo chown -R gitpuppet /srv/git; chgrp -R gitpuppet /srv/git
$ sudo chown -R puppet /srv/puppet; chgrp -R puppet /srv/puppet
$ sudo run-puppet-agent; sudo run-puppet-agent
$ sudo systemctl restart puppetserver
$ sudo puppetserver-deploy-code 
  1. Assuming that puppet is now running cleanly on the new puppetserver, move existing VMs to the new host with the hiera setting
puppetmaster: <new puppetserver fqdn>
  1. Finally, update clients of the new puppetserver with the hiera setting
profile::puppet::agent::force_puppet7: true

Debian Buster hosts will complain about not being able to install puppet7 but the warning is harmless for now.

Event Timeline

Mentioned in SAL (#wikimedia-cloud) [2024-03-29T15:40:02Z] <andrewbogott> rebooting mailman03; it's unresponsive and I'm trying to move it to the new puppetserver for T361371

I've built a new puppetserver ( and shut off the old one. Please delete when you're satisfied that things are working properly. (Spoiler: they weren't working before)

We don't have any more unmerged puppet patches AFAIK. For the newer upgrade, we should have some.

Andrew claimed this task.