triggering 'apt-get update'?

[Jon Yeargers]

I'm using the puppetforge 'apt' module to deal with some repositories. It has 'always-apt-update' as a property and I've had it set to 'true' but I'm wondering what happens if I don't. 

Is the puppet package manager 'smart' enough to get the latest versions of packages that it's monitoring ('ensure => latest') without being told to keep the repository up to date?

The main reason I'm asking is that the 'apt-get update' seems to always run last in the 'agent' pass. IE it takes two runs to get the latest packages - 1 to update the cache and the 2nd to get the latest versions. 

[Felix Frank]

Hi,

I'm not familiar with this module. Here's some general comments I can add.

On 12/20/2013 04:58 PM, Jon Yeargers wrote:
> Is the puppet package manager 'smart' enough to get the latest versions
> of packages that it's monitoring ('ensure => latest') without being told
> to keep the repository up to date?

That is certainly not the case. Puppet will make apt do all the work. If
apt knows about a package update, puppet can ask it to perform the
update. If it doesn't, then puppet won't learn of it, either.

> The main reason I'm asking is that the 'apt-get update' seems to always
> run last in the 'agent' pass. IE it takes two runs to get the latest
> packages - 1 to update the cache and the 2nd to get the latest versions.

I'm not sure about the reasoning here, or whether this is even by
design. A reason for *not* putting the update early into the run may be
to make sure that key imports and similar operations complete before
apt-get update is run.

Ensuring that all packages are synchronized after the apt-get update
would likely be Very Hard.

Cheers,
Felix

[Stefan Schlesinger]

On Sunday 22 December 2013 at 02:39, Felix Frank wrote:

On 12/20/2013 04:58 PM, Jon Yeargers wrote:

The main reason I'm asking is that the 'apt-get update' seems to always

run last in the 'agent' pass. IE it takes two runs to get the latest

packages - 1 to update the cache and the 2nd to get the latest versions.

Please note that Puppet won’t trigger the actions immediately for Execs and

Services which should only get ‘refreshed’ when once notified.

As Felix wrote, this is by design, because there could be more resources

in the catalog which would also trigger a refresh (eg. you don’t want to

restart Apache for every new vhost added during a run).

I guess your problem here is, that you want to install a package from a

different repository than the default operating system repo?

Puppet will typically create the repository configuration, and will then

install the package from the wrong repository, because apt-get update

wasn’t run yet.

What you would basically want to do, is to tie the APT configuration and

running the apt-get update together and put it in order, so this is run

before any package is installed.

Puppetlabs APT module, is a nice example on how you can write such

contained modules with ‘anchoring’ (from puppetlabs-stdlib):

https://github.com/puppetlabs/puppetlabs-apt/blob/master/manifests/init.pp#L118

There’s also a section in the Puppet guide about contained resources:

http://docs.puppetlabs.com/puppet/3/reference/lang_containment.html

If I’m right then you will basically want to:

 * use the puppetlabs-apt module or something equivalent

 * define an apt::source with the repository you would like to add

 * Tell Puppet to run apt-get update before the installation of any package:

   Exec[‘apt_update'] -> Package <| |>

But sharing code examples or a bit more information would be helpful.

Regards, Stefan.

--
Stefan Schlesinger ////////////////////////////////////////// ///////

http://sts.ono.at

[jcbollinger]

On Friday, December 20, 2013 9:58:33 AM UTC-6, Jon Yeargers wrote:

I'm using the puppetforge 'apt' module to deal with some repositories. It has 'always-apt-update' as a property and I've had it set to 'true' but I'm wondering what happens if I don't. 

There are at least 8 'apt' modules by different authors available from the Forge.  By far the most commonly used one is puppetlabs's own, and its 'apt' class does have a parameter such as you describe, so I will guess that that's the one you are using.

 

Is the puppet package manager 'smart' enough to get the latest versions of packages that it's monitoring ('ensure => latest') without being told to keep the repository up to date?

The main reason I'm asking is that the 'apt-get update' seems to always run last in the 'agent' pass. IE it takes two runs to get the latest packages - 1 to update the cache and the 2nd to get the latest versions. 

Puppet does not enforce any particular relative order of resource synchronization except to the extent you instruct it to do so.  Now you just need to instruct Puppet to manage Apt itself before it manages any packages that rely on Apt.  Stefan has a good suggestion there, but it suffers from a minor problem: in referring to resource Exec['apt_update'] it depends on implementation details of a particular 'apt' module.  It should be sufficient, at least for the puppetlabs-apt module, to instead say

    Class['apt'] -> Package<| |>

That may appear at the top level of site.pp if you are managing only machines that rely on Apt; otherwise it should go into one or more classes or node blocks so that all apt-based machines get that declaration somewhere in their configurations.


John