Puppet try to create roles prior the elasticsearch package is properly installed #1238
Description
Puppet try to create roles (provided through a hash in Hiera) prior the package is properly so the first run status is always flagged as "error", it seems that the issue is related to those two comment lines:
puppet-elasticsearch/manifests/init.pp
Lines 579 to 580 in a38cab8
We use puppet-agent 7.34.0 on Ubuntu 22.04 LTS with the release 9.0.0 of the elasticsearch module.
here is the puppet-agent logs on a first run:
(/Stage[main]/Profile::Elasticsearch/Elasticsearch::Role[logparser]/Elasticsearch_role[logparser]/ensure) created (corrective)
Puppet::Util::FileType::FileTypeFlat could not write /etc/elasticsearch/roles.yml: No such file or directory @ rb_sysopen - /etc/elasticsearch/roles.yml
(/Stage[main]/Profile::Elasticsearch/Elasticsearch::Role[logparser]/Elasticsearch_role[logparser]) Could not evaluate: Puppet::Util::FileType::FileTypeFlat could not write>
(/Stage[main]/Elastic_stack::Repo/Apt::Source[elastic]/Apt::Setting[list-elastic]/File[/etc/apt/sources.list.d/elastic.list]/ensure) defined content as '{sha256}304acbcb1e>
(/Stage[main]/Elasticsearch::Package/Package[elasticsearch]/ensure) created (corrective)
(/Stage[main]/Profile::Elasticsearch/Exec[purge_keystore]) Triggered 'refresh' from 1 event
(/Stage[main]/Elasticsearch::Package/Exec[remove_plugin_dir]) Triggered 'refresh' from 1 event
(/Stage[main]/Elasticsearch::Config/File[/usr/share/elasticsearch]/owner) owner changed 'root' to 'elasticsearch' (corrective)
(/Stage[main]/Elasticsearch::Config/File[/usr/share/elasticsearch]/group) group changed 'root' to 'elasticsearch' (corrective)
(/Stage[main]/Elasticsearch::Config/File[/etc/elasticsearch]/owner) owner changed 'root' to 'elasticsearch' (corrective)
(/Stage[main]/Profile::Elasticsearch/File[/etc/elasticsearch/certs]/ensure) created (corrective)
(/Stage[main]/Profile::Elasticsearch/File[/etc/elasticsearch/certs/ca.crt]/ensure) defined content as '{sha256}17e0edfb072c08de5c9a2c5ea10bcac76f55f67803d1c04fe691296e2d23>
(/Stage[main]/Profile::Elasticsearch/File[/etc/elasticsearch/certs/instance.crt]/ensure) defined content as '{sha256}2df8ce183d3d120c686b555ff08e9aa42bad2e8396a42d4450a84f>
(/Stage[main]/Profile::Elasticsearch/File[/etc/elasticsearch/certs/instance.key]/ensure) defined content as '{sha256}c2cbaf051d24823e417baab38a1cca30efafaee80caf8c227bfe41>
(/Stage[main]/Elasticsearch::Config/File[/usr/share/elasticsearch/plugins]/ensure) created (corrective)
(/Stage[main]/Elasticsearch::Config/Augeas[/etc/default/elasticsearch]/returns) executed successfully (corrective)
(/Stage[main]/Elasticsearch::Config/Java_ks[elasticsearch_ca]/ensure) created (corrective)
(/Stage[main]/Elasticsearch::Config/Java_ks[elasticsearch_node]/ensure) created (corrective)
(/Stage[main]/Elasticsearch::Config/File[/etc/elasticsearch/elasticsearch.yml]/content) content changed '{sha256}d7798d00a8af506290063f1094f569d6afc36db04fbf1533ac6562b84e>
(/Stage[main]/Elasticsearch::Config/File[/etc/elasticsearch/elasticsearch.yml]/owner) owner changed 'root' to 'elasticsearch' (corrective)
(/Stage[main]/Elasticsearch::Config/File[/etc/elasticsearch/elasticsearch.yml]/mode) mode changed '0660' to '0440' (corrective)
(/Stage[main]/Elasticsearch::Config/File[/etc/elasticsearch/jvm.options]/mode) mode changed '0660' to '0640' (corrective)
(/Stage[main]/Elasticsearch::Config/File[/etc/elasticsearch/jvm.options.d/jvm.options]/ensure) defined content as '{sha256}3a337dfa8360dd8d84c8669750d8a1b1a80a05556f903a0a>
(/Stage[main]/Elasticsearch::Service/Service[elasticsearch]/ensure) ensure changed 'stopped' to 'running' (corrective)
Here is the workaround we applied in our code:
Class['elasticsearch::config']
-> Elasticsearch::Role <| |>
class { 'elasticsearch':
ensure => $ensure,
version => $version,
jvm_options => $jvm_options,
restart_on_change => $restart_on_change,
autoupgrade => $autoupgrade,