From dd6890995c59e1110146e854dca7ba6495ece9ed Mon Sep 17 00:00:00 2001 From: Konrad Bucheli Date: Thu, 9 Nov 2023 11:42:23 +0100 Subject: [PATCH] move software installation docs to admin configuration guides --- _toc.yml | 6 +- admin-guide/configuration.md | 10 ++- admin-guide/configuration/packages.md | 122 ++++++++++++++++++++++++++ 3 files changed, 135 insertions(+), 3 deletions(-) create mode 100644 admin-guide/configuration/packages.md diff --git a/_toc.yml b/_toc.yml index f253e65b..c6f9a11a 100644 --- a/_toc.yml +++ b/_toc.yml @@ -36,13 +36,17 @@ chapters: - file: admin-guide/configuration sections: - file: admin-guide/configuration/icinga2 - - file: admin-guide/configuration/central_logging_elastic + - file: admin-guide/configuration/packages +# - file: admin-guide/configuration/package_updates +# - file: admin-guide/configuration/package_repositories +# - file: admin-guide/configuration/services - file: admin-guide/configuration/mount - file: admin-guide/configuration/distribute_files - file: admin-guide/configuration/vgroot - file: admin-guide/configuration/xrdp - file: admin-guide/configuration/custom_nameservers - file: admin-guide/configuration/puppet_agent + - file: admin-guide/configuration/central_logging_elastic - file: admin-guide/configuration/keyboard_layout - file: admin-guide/configuration/autologin - file: admin-guide/configuration/screen_lock diff --git a/admin-guide/configuration.md b/admin-guide/configuration.md index a78766ae..e3cb4266 100644 --- a/admin-guide/configuration.md +++ b/admin-guide/configuration.md @@ -5,8 +5,11 @@ Here starts a so far small collections of configuration guides for sysadmins of ## Monitoring - [Icinga2](configuration/icinga2) -## Logging -- [Setup Central Logging to Elastic](configuration/central_logging_elastic) +## Software Management +- [Package Installation](configuration/packages) +- [Automated Package Updates](configuration/package_updates) +- [Adding Package Repositories](configuration/package_repositories) +- [Managing Services with Systemd)](configuration/services) ## Basic Setup - [Mounting Volumes](configuration/mount) @@ -16,6 +19,9 @@ Here starts a so far small collections of configuration guides for sysadmins of - [Custom Nameservers](configuration/custom_nameservers) - [Puppent Agent run frequency](configuration/puppet_agent) +## Logging +- [Setup Central Logging to Elastic](configuration/central_logging_elastic) + ## Desktop - [Keyboard Layout](configuration/keyboard_layout) - [Autologin](configuration/autologin) diff --git a/admin-guide/configuration/packages.md b/admin-guide/configuration/packages.md new file mode 100644 index 00000000..ed563e5e --- /dev/null +++ b/admin-guide/configuration/packages.md @@ -0,0 +1,122 @@ +# Package Installation + +## Install Packages with Hiera Package Groups + +The packages automatically installed onto a system by Puppet are managed in the Hiera list `base::package_groups`. It contains the names of the package groups to be installed. Items can be added at all levels of the Hiera hierarchy and are merged. + +The package groups itself are Hieara lists named `base::pkg_group::$USE_CASE`. +Here list all the packages you want to install. + +Currently there exist the following package groups in the main [`common.yaml`](https://git.psi.ch/linux-infra/puppet/-/blob/preprod/data/common.yaml): + +- `base::pkg_group::system_tools` (installed by default) +- `base::pkg_group::daq_buffer` +- `base::pkg_group::desktop_settings` +- `base::pkg_group::dev` +- `base::pkg_group::login_server` +- `base::pkg_group::qt5` +- `base::pkg_group::root` + +but further ones can be created in Hiera at lower hierachies and added to `base::package_groups`, for example + +``` +base::pkg_group::java: + - 'java-1.8.0-openjdk' + - 'java-11-openjdk' + - 'java-17-openjdk' + +base::package_groups: + - 'java' +``` + + + +## Install a Group of Packages + +To add a RedHat predefined group of packages (checkout out `dnf grouplist --hidden`) prepend the name of it with a `@`, e.g. for "Java Platform" it would be `@Java Platform`: + +``` +base::pkg_group::java: + - '@Java Platform' +``` + +## Install Latest Package Version + +Puppet by default only checks if a package is installed and only installs it if missing. +To ensure that always the latest available package version is installed, append the `:latest` tag to the package name in the package group: + +``` +base::pkg_group::java: + - 'java-1.8.0-openjdk' + - 'java-11-openjdk' + - 'java-17-openjdk:latest' +``` + +## Install Packages only on Given OS Version + + Certain packages are only used on a given OS Version, so a `os=` with the OS name and the major version selects a package only for given OS, where as a `os!` will filter away given package on hosts with given OS, so they are not installed there. + +``` +base::pkg_group::java: + - 'java-1.8.0-openjdk:os=redhat7' + - 'java-11-openjdk' + - 'java-17-openjdk:os!redhat7' +``` + +Note that this tag can be combined with the `latest` and `absent` tag. + +## Install Module Stream + +RHEL 8 introduced the concept of [module streams](https://docs.pagure.org/modularity/). +A specific stream can be selected with the `stream` tag: +``` +base::pkg_group::nodejos: + - 'nodejs:stream=12' +``` + +## Remove Packages + +To remove an already installed package, append the `:absent` tag to the package name in the package group: + +``` +base::pkg_group::java: + - 'java-1.8.0-openjdk:absent' + - 'java-11-openjdk' + - 'java-17-openjdk' +``` + +## Ignore Packages + +To make packages unavailable for installation, even though provided by the package repositories, add them in Hiera to the list `base::package_exclude`: +``` +base::package_exclude: + - 'epics-base-7.0.6*' +``` +This list is merged over the full Hiera hierachy, so there is no need to copy exclusions from higher levels when creating an exclusion on a low level. + +This list can also be used to opt out packages from other, maybe inherited package groups. But unlike the `:absent` tag in a package list it will not uninstall a package when found. + +### Install Debuginfo Packages + +The package repositories for debuginfo packages are disabled by default. To spontaneously install such a package, do + +``` +dnf --enablerepo '*_debug' install ... +``` + +## Legacy Package Installation + +The legacy Hiera lists for package groups is `yum_client::pkg_group::$USE_CASE` and supports the `latest` and `absent` tag, but not the filtering by operating system version. + +Then `yum_client::package_groups` is the Hiera list to contain the package groups to be installed. + +Please migrate them to the equivalent `base::*` list. You can have both of them available at the same time, with possibly the same content. + +## Missing Package + +If there is no such package in the repositories, then + +``` +Error: Execution of '/usr/bin/dnf -d 0 -e 1 -y install non-existing-package-for-test' returned 1: Error: Unable to find a match: non-existing-package-for-test +``` +