Controls/gitea-pages
0
2
Fork 0
Code Pull Requests Actions Activity
Files
40bcbbb1d3de7287cb700a5baf6800d2ece24efd
gitea-pages/admin-guide/configuration/software/packages.md

5.1 KiB
Raw Blame History

Package Installation

Install Packages with Hiera Package Groups

The packages automatically installed onto a system by Puppet are managed in the Hiera list base::package_groups. It contains the names of the package groups to be installed. Items can be added at all levels of the Hiera hierarchy and are merged.

The package groups itself are Hieara lists named base::pkg_group::$USE_CASE. Here list all the packages you want to install.

Currently there exist the following package groups in the main common.yaml:

  • base::pkg_group::system_tools (installed by default)
  • base::pkg_group::daq_buffer
  • base::pkg_group::desktop_settings
  • base::pkg_group::dev
  • base::pkg_group::login_server
  • base::pkg_group::qt5
  • base::pkg_group::root

but further ones can be created in Hiera at lower hierachies and added to base::package_groups, for example

base::pkg_group::java:
    - 'java-1.8.0-openjdk'
    - 'java-11-openjdk'
    - 'java-17-openjdk'

base::package_groups:
    - 'java'

Install a Group of Packages

To add a RedHat predefined group of packages (checkout out dnf grouplist --hidden) prepend the name of it with a @, e.g. for "Java Platform" it would be @Java Platform:

base::pkg_group::java:
    - '@Java Platform'

Install Latest Package Version

Puppet by default only checks if a package is installed and only installs it if missing. To ensure that always the latest available package version is installed, append the :latest tag to the package name in the package group:

base::pkg_group::java:
    - 'java-1.8.0-openjdk'
    - 'java-11-openjdk'
    - 'java-17-openjdk:latest'

Install Packages only on Given OS Version

Certain packages are only used on a given OS Version, so a os= with the OS name and the major version selects a package only for given OS, where as a os! will filter away given package on hosts with given OS, so they are not installed there.

base::pkg_group::java:
    - 'java-1.8.0-openjdk:os=redhat7'
    - 'java-11-openjdk'
    - 'java-17-openjdk:os!redhat7'

Note that this tag can be combined with the latest and absent tag.

Install Module Stream

RHEL 8 introduced the concept of module streams. A specific stream can be selected with the stream tag:

base::pkg_group::nodejs:
    - 'nodejs:stream=12'

Install Python Modules with pip

The pip tag can be used to install a PYPI Python package using pip, e.g. pygame-utility:

base::pkg_group::my_pip_modules:
    - 'pygame-utility:pip'

To install a packages for specific python versions use the tag :pip<version> (example: - 'numpy:pip3.12').

Note that packages installed with pip are not updated automatically!

Remove Packages

To remove an already installed package, append the :absent tag to the package name in the package group:

base::pkg_group::java:
    - 'java-1.8.0-openjdk:absent'
    - 'java-11-openjdk'
    - 'java-17-openjdk'

Ignore Packages

To make packages unavailable for installation, even though provided by the package repositories, add them in Hiera to the list base::package_exclude:

base::package_exclude:
    - 'epics-base-7.0.6*'

This list is merged over the full Hiera hierachy, so there is no need to copy exclusions from higher levels when creating an exclusion on a low level.

This list can also be used to opt out packages from other, maybe inherited package groups. But unlike the :absent tag in a package list it will not uninstall a package when found.

Version Lock

If you have the need to freeze a software on given version, you can use dnf versionlock. First you need to install the python3-dnf-plugin-versionlock package (see above).

Then on the node best run

dnf versionlock add $PACKAGE

for every package you do not wish to get updates installed any more. If there are newer packages you might test with dnf update --assumeno if it does not show your software any more, while other updates are still possible. Sometimes this can cause dependency resolution failures and you might need to add a version lock for one ore more packages which depend on the locked package.

After you best put the resulting /etc/dnf/plugins/versionlock.list in Hiera with files::files for reproducability.

Kernel Version Lock

A full kernel version lock needs to include a number of packages:

dnf versionlock add kernel kernel-core kernel-modules kernel-tools kernel-tools-libs kernel-headers kernel-devel

and if AFS is configured

dnf versionlock add kmod-yfs

Install Debuginfo Packages

The package repositories for debuginfo packages are disabled by default. To spontaneously install such a package, do

dnf --enablerepo '*_debug' install ...

Missing Package

If there is no such package in the repositories, then

Error: Execution of '/usr/bin/dnf -d 0 -e 1 -y install non-existing-package-for-test' returned 1: Error: Unable to find a match: non-existing-package-for-test
View Git Blame Copy Permalink