Can I use Puppet to run system updates?

1,507 views
Skip to first unread message

thierry.th...@gmail.com

unread,
Apr 13, 2009, 2:23:06 PM4/13/09
to Puppet Users
Hello,

Reading the doc I could not find if Puppet could help running system
updates.

I would like to get started with several VMWare guests and few hosts,
all running CentOS. Some are 32bits, some 64bits. These are mostly
VMWare server installations; just starting ESXi with one system. They
are running different apps/configurations.

Of course there are few issues with:

1- VMWare tools that want to be sometimes recompiled on Linux. There
is a trick to avoid the recompilation:
http://vmetc.com/2008/08/31/automating-vmware-tools-installs-and-upgrades-in-linux-guests/
but maybe this could be taken care of with Puppet?

2- VMWare server on the host sometimes does not restart after a kernel
update. It also need to be recompiled. Of course the VM Guests are
down.

3- The host kernel updates might require reboot, shutting down guests.


Can Puppet help for these tasks? Examples?
Thanks,
Thierry

Ross McKerchar

unread,
Apr 14, 2009, 5:21:32 AM4/14/09
to puppet...@googlegroups.com
> -----Original Message-----
> From: puppet...@googlegroups.com [mailto:puppet-
> us...@googlegroups.com] On Behalf Of thierry.th...@gmail.com
> Sent: 13 April 2009 19:23
> To: Puppet Users
> Subject: [Puppet Users] Can I use Puppet to run system updates?
>
> 1- VMWare tools that want to be sometimes recompiled on Linux. There
> is a trick to avoid the recompilation:
> http://vmetc.com/2008/08/31/automating-vmware-tools-installs-and-
> upgrades-in-linux-guests/
> but maybe this could be taken care of with Puppet?
>
> 2- VMWare server on the host sometimes does not restart after a kernel
> update. It also need to be recompiled. Of course the VM Guests are
> down.
>
> 3- The host kernel updates might require reboot, shutting down guests.
>
>
> Can Puppet help for these tasks? Examples?

Yes puppet can probably help with all the above but maybe not in the way you expect :) Puppet is good at managing your system configurations and although it can, via the exec statement, do a lot more it's not always the best tool for the job. A few, hopefully relevant examples:

1) System updates - yes you could have puppet run you're update command directly but instead you're maybe better off using puppet to control the configuration of your updating system, a few examples that I use:

Use puppet to control the cron jobs required for system updates (puppet creates and manages the cron jobs, it _doesn't_ run the commands directly).
Use puppet to install, setup & control the yum-versionlock plugin, this plugin allows you to prevent updates of certain components.
Use puppet to install, setup & control yum-updatesd (the update notification daemon).

2) VM kernel modules

Use puppet to automatically install the open-vm-tools yum repository on any box that is a VM (easily deducible from facter), this repo has VMware kernel modules precompiled for rhel5.
Use puppet to control the aformentation yum-versionlock plugin to ensure that the kernel doesn't get updated when there isn't an appropriate vmware kernel module for the new version.
Alternatively, use puppet to ensure that all VM's have the necessary packages required to compile kernel modules.

I guess my main point is, make sure you use the right tool for the job - it may not be puppet but puppet can probably control the right tool quite nicely :)

hth.

-ross

Sophos Plc, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP, United Kingdom.
Company Reg No 2096520. VAT Reg No GB 348 3873 20.

Welsh1lad

unread,
Mar 9, 2018, 9:46:14 AM3/9/18
to Puppet Users
Hi , 

 I recently used puppet to upgrade a bunch of Centos 6.4 Machines to to centos 6.9 incl latest kernel .  

  Problems are if you use yum , there is no guarantee that every server will have the same package if there is an update on the repository . So set up a webserver , mount the latest in my case was minimal cenOs 6.9 .
 
I then used puppet to update the repo pointers, run a /var /boot /etc  back up to /tmp  [ you never know ]  Then ran yum -y upgrade within a script . 

This worked . 

Since you dont want puppet upgrading all the time all the nodes in the Classification where set to a rule OSVERSION = 6.4  so when the nodes where upgraded they no longer appeared in this classification . 

 Hope this helps.  

John Gelnaw

unread,
Mar 22, 2018, 4:01:06 PM3/22/18
to Puppet Users
On Monday, April 13, 2009 at 2:23:06 PM UTC-4, thierry.th...@gmail.com wrote:
Hello,

Reading the doc I could not find if Puppet could help running system
updates.

Help, yes.  But I'd advise against trying to do them directly in puppet.
 
I would like to get started with several VMWare guests and few hosts,
all running CentOS. Some are 32bits, some 64bits. These are mostly
VMWare server installations; just starting ESXi with one system. They
are running different apps/configurations.

Of course there are few issues with:

1- VMWare tools that want to be sometimes recompiled on Linux. There
is a trick to avoid the recompilation:
http://vmetc.com/2008/08/31/automating-vmware-tools-installs-and-upgrades-in-linux-guests/
but maybe this could be taken care of with Puppet?

Switch to open-vm-tools.  It's what VMWare reccomends now, and should be provided by your distro.

 
2- VMWare server on the host sometimes does not restart after a kernel
update. It also need to be recompiled. Of course the VM Guests are
down.

3- The host kernel updates might require reboot, shutting down guests.

I have a script for doing updates that I deploy via puppet, and schedule, via puppet.

But the script is a bash script that grabs the time/date of the current kernel (well, the modification time of /boot, which is more aggressive), runs the yum update, and compares the new modification time of /boot.  If they're different, it reboots. 

You can then set the guests to autostart at boot time-- or autostart puppet at boot time, if you're using that to manage guests.

Reply all
Reply to author
Forward
0 new messages