Class: Puppet::Application::Master

Inherits:
Puppet::Application show all
Defined in:
lib/puppet/application/master.rb

Constant Summary

Constants inherited from Puppet::Application

DOCPATTERN

Constants included from Util

Util::AbsolutePathPosix, Util::AbsolutePathWindows, Util::DEFAULT_POSIX_MODE, Util::DEFAULT_WINDOWS_MODE

Constants included from Util::POSIX

Util::POSIX::LOCALE_ENV_VARS, Util::POSIX::USER_ENV_VARS

Constants included from Util::SymbolicFileMode

Util::SymbolicFileMode::SetGIDBit, Util::SymbolicFileMode::SetUIDBit, Util::SymbolicFileMode::StickyBit, Util::SymbolicFileMode::SymbolicMode, Util::SymbolicFileMode::SymbolicSpecialToBit

Instance Attribute Summary

Attributes inherited from Puppet::Application

#command_line, #options

Instance Method Summary collapse

Methods inherited from Puppet::Application

[], available_application_names, banner, clear!, clear?, clear_everything_for_tests, #configure_indirector_routes, controlled_run, #deprecate, #deprecated?, exit, find, #handle_logdest_arg, #handlearg, #initialize, #initialize_app_defaults, interrupted?, #log_runtime_environment, #name, option, option_parser_commands, #parse_options, restart!, restart_requested?, #run, run_mode, #set_log_level, stop!, stop_requested?, try_load_class

Methods included from Util

absolute_path?, benchmark, chuser, clear_environment, default_env, deterministic_rand, deterministic_rand_int, exit_on_fail, get_env, get_environment, logmethods, merge_environment, path_to_uri, pretty_backtrace, replace_file, safe_posix_fork, set_env, symbolizehash, thinmark, uri_encode, uri_query_encode, uri_to_path, which, withenv, withumask

Methods included from Util::POSIX

#get_posix_field, #gid, #idfield, #methodbyid, #methodbyname, #search_posix_field, #uid

Methods included from Util::SymbolicFileMode

#normalize_symbolic_mode, #symbolic_mode_to_int, #valid_symbolic_mode?

Constructor Details

This class inherits a constructor from Puppet::Application

Instance Method Details

#app_defaultsObject 



142
143
144
145
146
 
# File 'lib/puppet/application/master.rb', line 142

def app_defaults
  super.merge({
    :facts_terminus => 'yaml'
  })
end

#compileObject 



166
167
168
169
170
171
172
173
174
175
176
177
178
 
# File 'lib/puppet/application/master.rb', line 166

def compile
  begin
    unless catalog = Puppet::Resource::Catalog.indirection.find(options[:node])
      raise _("Could not compile catalog for %{node}") % { node: options[:node] }
    end

    puts JSON::pretty_generate(catalog.to_resource, :allow_nan => true, :max_nesting => false)
  rescue => detail
    Puppet.log_exception(detail, _("Failed to compile catalog for node %{node}: %{detail}") % { node: options[:node], detail: detail })
    exit(30)
  end
  exit(0)
end

#helpObject 



32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
 
# File 'lib/puppet/application/master.rb', line 32

def help
  <<-HELP

puppet-master(8) -- #{summary}
========

SYNOPSIS
--------
The central puppet server. Functions as a certificate authority by
default.


USAGE
-----
puppet master [-D|--daemonize|--no-daemonize] [-d|--debug] [-h|--help]
[-l|--logdest syslog|<FILE>|console] [-v|--verbose] [-V|--version]
[--compile <NODE-NAME>]


DESCRIPTION
-----------
This command starts an instance of puppet master, running as a daemon
and using Ruby's built-in Webrick webserver. Puppet master can also be
managed by other application servers; when this is the case, this
executable is not used.


OPTIONS
-------

Note that any Puppet setting that's valid in the configuration file is also a
valid long argument. For example, 'server' is a valid setting, so you can
specify '--server <servername>' as an argument. Boolean settings translate into
'--setting' and '--no-setting' pairs.

See the configuration file documentation at
https://docs.puppetlabs.com/puppet/latest/reference/configuration.html for the
full list of acceptable settings. A commented list of all settings can also be
generated by running puppet master with '--genconfig'.

* --daemonize:
Send the process into the background. This is the default.
(This is a Puppet setting, and can go in puppet.conf. Note the special 'no-'
prefix for boolean settings on the command line.)

* --no-daemonize:
Do not send the process into the background.
(This is a Puppet setting, and can go in puppet.conf. Note the special 'no-'
prefix for boolean settings on the command line.)

* --debug:
Enable full debugging.

* --help:
Print this help message.

* --logdest:
Where to send log messages. Choose between 'syslog' (the POSIX syslog
service), 'console', or the path to a log file. If debugging or verbosity is
enabled, this defaults to 'console'. Otherwise, it defaults to 'syslog'.

A path ending with '.json' will receive structured output in JSON format. The
log file will not have an ending ']' automatically written to it due to the
appending nature of logging. It must be appended manually to make the content
valid JSON.

* --masterport:
The port on which to listen for traffic. The default port is 8140.
(This is a Puppet setting, and can go in puppet.conf.)

* --verbose:
Enable verbosity.

* --version:
Print the puppet version number and exit.

* --compile:
Compile a catalogue and output it in JSON from the puppet master. Uses
facts contained in the $vardir/yaml/ directory to compile the catalog.


EXAMPLE
-------
puppet master

DIAGNOSTICS
-----------

When running as a standalone daemon, puppet master accepts the
following signals:

* SIGHUP:
Restart the puppet master server.
* SIGINT and SIGTERM:
Shut down the puppet master server.
* SIGUSR2:
Close file descriptors for log files and reopen them. Used with logrotate.

AUTHOR
------
Luke Kanies


COPYRIGHT
---------
Copyright (c) 2012 Puppet Inc., LLC Licensed under the Apache 2.0 License

  HELP
end

#mainObject 



180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
 
# File 'lib/puppet/application/master.rb', line 180

def main
  require 'etc'
  # Make sure we've got a localhost ssl cert
  Puppet::SSL::Host.localhost

  # And now configure our server to *only* hit the CA for data, because that's
  # all it will have write access to.
  Puppet::SSL::Host.ca_location = :only if Puppet::SSL::CertificateAuthority.ca?

  if Puppet.features.root?
    if Puppet::Type.type(:user).new(:name => Puppet[:user]).exists?
      begin
        Puppet::Util.chuser
      rescue => detail
        Puppet.log_exception(detail, _("Could not change user to %{user}: %{detail}") % { user: Puppet[:user], detail: detail })
        exit(39)
      end
    else
      Puppet.err(_("Could not change user to %{user}. User does not exist and is required to continue.") % { user: Puppet[:user] })
      exit(74)
    end
  end

  if options[:rack]
    Puppet.deprecation_warning(_("The Rack Puppet master server is deprecated and will be removed in a future release. Please use Puppet Server instead. See http://links.puppet.com/deprecate-rack-webrick-servers for more information."))
    start_rack_master
  else
    Puppet.deprecation_warning(_("The WEBrick Puppet master server is deprecated and will be removed in a future release. Please use Puppet Server instead. See http://links.puppet.com/deprecate-rack-webrick-servers for more information."))
    start_webrick_master
  end
end

#preinitObject 



148
149
150
151
152
153
154
155
156
 
# File 'lib/puppet/application/master.rb', line 148

def preinit
  Signal.trap(:INT) do
    $stderr.puts _("Canceling startup")
    exit(0)
  end

  # save ARGV to protect us from it being smashed later by something
  @argv = ARGV.dup
end

#run_commandObject 



158
159
160
161
162
163
164
 
# File 'lib/puppet/application/master.rb', line 158

def run_command
  if options[:node]
    compile
  else
    main
  end
end

#setupObject

Raises:



265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
 
# File 'lib/puppet/application/master.rb', line 265

def setup
  raise Puppet::Error.new(_("Puppet master is not supported on Microsoft Windows")) if Puppet.features.microsoft_windows?

  setup_logs

  exit(Puppet.settings.print_configs ? 0 : 1) if Puppet.settings.print_configs?

  Puppet.settings.use :main, :master, :ssl, :metrics

  setup_terminuses

  setup_node_cache

  setup_ssl
end

#setup_logsObject 



212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
 
# File 'lib/puppet/application/master.rb', line 212

def setup_logs
  set_log_level

  if !options[:setdest]
    if options[:node]
      # We are compiling a catalog for a single node with '--compile' and logging
      # has not already been configured via '--logdest' so log to the console.
      Puppet::Util::Log.newdestination(:console)
    elsif !(Puppet[:daemonize] or options[:rack])
      # We are running a webrick master which has been explicitly foregrounded
      # and '--logdest' has not been passed, assume users want to see logging
      # and log to the console.
      Puppet::Util::Log.newdestination(:console)
    else
      # No explicit log destination has been given with '--logdest' and we're
      # either a daemonized webrick master or running under rack, log to syslog.
      Puppet::Util::Log.newdestination(:syslog)
    end
  end
end

#setup_node_cachevoid

This method returns an undefined value.

Honor the :node_cache_terminus setting if users have specified it directly. We normally want this nil as use-cases for querying nodes should be going to PuppetDB.

See Also:

  • PUP-6060


261
262
263
 
# File 'lib/puppet/application/master.rb', line 261

def setup_node_cache
  Puppet::Node.indirection.cache_class = Puppet[:node_cache_terminus]
end

#setup_sslObject 



243
244
245
246
247
248
249
250
251
252
253
254
 
# File 'lib/puppet/application/master.rb', line 243

def setup_ssl
  # Configure all of the SSL stuff.
  if Puppet::SSL::CertificateAuthority.ca?
    Puppet::SSL::Host.ca_location = :local
    Puppet.settings.use :ca
    Puppet::SSL::CertificateAuthority.instance
  else
    Puppet::SSL::Host.ca_location = :none
  end
  Puppet::SSL::Oids.register_puppet_oids
  Puppet::SSL::Oids.load_custom_oid_file(Puppet[:trusted_oid_mapping_file])
end

#setup_terminusesObject 



233
234
235
236
237
238
239
240
241
 
# File 'lib/puppet/application/master.rb', line 233

def setup_terminuses
  require 'puppet/file_serving/content'
  require 'puppet/file_serving/metadata'

  Puppet::FileServing::Content.indirection.terminus_class = :file_server
  Puppet::FileServing::Metadata.indirection.terminus_class = :file_server

  Puppet::FileBucket::File.indirection.terminus_class = :file
end

#summaryObject 



28
29
30
 
# File 'lib/puppet/application/master.rb', line 28

def summary
  _("The puppet master daemon")
end