Puppet Ubuntu remove packages no longer required

teaching myself puppet.

Using Ubuntu 11.10 Puppet 2.7.1 (straight from apt)

Running some test scripts on a single node (following http://docs.puppetlabs.com/learning/manifests.html).

I made a manifest that installs and starts the apache2 package ... all good.

Now I want to reverse this, I make a manifest that purges the apache2 package. This completes successfully, the problem is that puppet has only remove the apache2 package, not all the packages apache2 brings in with it (I think apache2.2-bin is the main one) ... so the apache2 service is still installed and running on the system.

If I was doing this with apt-get I would then just do a "apt-get autoremove" but how can I make puppet do this for me?


Unfortunately, there's no good way to do this with the built-in resource types, just two not-so-good options.

The 'proper' way involves defining a package resource for all of the packages you want to get rid of:

package { 'apache2.2-common':
    ensure => purged,
}
package { 'apache2-utils':
    ensure => purged,
}
# etc ...

And the 'improper' but far more manageable way would be to set up an exec resource to run the autoremove for the dependant packages when the apache2 package is removed:

package { 'apache2':
    ensure => purged,
}
exec { 'autoremove':
    command => '/usr/bin/apt-get autoremove --purge -y',
    # We don't want this running every time the puppet agent runs, 
    # so we'll set it to only run when the apache2 purge actually happens.
    # Note that this would not run on your node that already has the
    # apache2 package removed, since it won't trigger any more changes
    # to the package.
    refreshonly => true,
    subscribe => Package['apache2'],
}

Given these two options, the second is definitely more appealing - it's nice to be able to stick to built-in types whenever possible, but it's just not practical when you're removing a package with a huge number of dependencies.


You can have an exec resource that only runs when the apache package is removed.

package { "apache2":
  ensure => absent,
}

exec { "remove-apache-dependencies"
  command => "apt-get -y autoremove",
  subscribe => Package["apache2"],
  refreshonly => true,
}