1:59 p.m.
This patchset greatly revamps the deltacloud puppet recipe and installer/uninstaller
to clean up a plethora of things and to make it a more state based solution, bringing
it inline with the standard puppet methodology.
1:59 p.m.
New subject: [PATCH appliance 1/7] remove lingering appliance bits
---
.gitignore | 1 -
README | 36 +++---------
Rakefile | 48 +--------------
contrib/deltacloud_recipe.spec | 70 ++++++++++++++++++++++
deltacloud_appliance.ks | 125 ----------------------------------------
deltacloud_recipe.spec | 70 ----------------------
6 files changed, 81 insertions(+), 269 deletions(-)
create mode 100644 contrib/deltacloud_recipe.spec
delete mode 100644 deltacloud_appliance.ks
delete mode 100644 deltacloud_recipe.spec
diff --git a/.gitignore b/.gitignore
index dac3e84..50fa14f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,4 +2,3 @@ deltacloud
build/
pkg/
repo/
-deltacloud_appliance.ks.new
diff --git a/README b/README
index f25ca07..229d453 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
-The Deltacloud Recipe and Appliance
+The Deltacloud Recipe
You can find more documentation at the Deltacloud web site at
http://deltacloud.org/
@@ -7,14 +7,10 @@ http://deltacloud.org/
Prerequisites
-------------
-The deltacloud appliance makes uses of the deltacloud recipe rpm
-to install and configure all components. The appliance is built
-using the appliance tools and is deployed via libvirt
-
-See http://thincrust.net/ and http://libvirt.org/ for more information.
-
-Some commands require root access. Those commands will be executed using sudo, so ensure
that
-the user building the appliance has an appropriate entry in /etc/sudoers.
+The deltacloud recipe is a puppet module which can be used
+to install and configure deltacloud components. To make use
+of this recipe, drop it into your puppet module path or
+alternatively build and install the recipe rpm.
Building and Installing the Deltacloud Recipe
@@ -22,28 +18,12 @@ Building and Installing the Deltacloud Recipe
$ rake rpms
-The rpm will be placed into the pkg build dir, install it via yum
+The rpm will be placed into the build dir, install it via yum
$ sudo yum install --nogpgcheck \
build/rpmbuild/RPMS/noarch/deltacloud_recipe-0.0.3-1.fc13.noarch.rpm
-Install the recipe via
+Install deltacloud via the recipe via
$ sudo /usr/sbin/dc-install
-Uninstall it via
+Uninstall deltacloud via
$ sudo /usr/sbin/dc-uninstall
-
-Starting the Appliance
------------------------------------
-
-Run the following command from the appliance project checkout directory
-
-$ rake image:deploy
-
-This will start the appliance via libvirt bringing up virt-viewer for
-graphical access. If the appliance is already found running locally this
-will fail, and you will have to run the following to destroy and delete
-the appliance.
-
-$ rake image:destroy
-
-NOTE this will destroy the image, make sure to backup any changes to it
diff --git a/Rakefile b/Rakefile
index a63d18a..e5722c0 100644
--- a/Rakefile
+++ b/Rakefile
@@ -1,4 +1,4 @@
-# Deltacloud Appliance Rakefile
+# Deltacloud Recipe Rakefile
require 'rake/clean'
require 'rake/rpmtask'
@@ -8,12 +8,10 @@ CURRENT_DIR = File.dirname(__FILE__)
RPMBUILD_DIR = "#{CURRENT_DIR}/build/rpmbuild"
YUM_REPO = "#{CURRENT_DIR}/repo"
-CLEAN.include('pkg', 'build', 'repo',
'deltacloud_appliance.ks.new')
+CLEAN.include('pkg', 'build', 'repo')
CLOBBER.include('deltacloud')
PKG_NAME = "deltacloud_recipe"
-RPM_SPEC = "deltacloud_recipe.spec"
-
-task :default => :"image:create"
+RPM_SPEC = "contrib/deltacloud_recipe.spec"
# Build the rpm
Rake::RpmTask.new(RPM_SPEC) do |rpm|
@@ -26,43 +24,3 @@ end
Rake::YumTask.new(YUM_REPO) do |repo|
repo.rpms << "#{RPMBUILD_DIR}/RPMS/noarch/#{PKG_NAME}*.rpm"
end
-
-namespace "image" do
- desc "create appliance image"
- task :create => :create_repo do |t,args|
- puts "NOTE: This command will only work if run as root, so we're using
'sudo'. You have been warned!"
- cp_r "deltacloud_appliance.ks", "deltacloud_appliance.ks.new"
- sh "sed -i s-DELTACLOUD_APPLIANCE_LOCAL_REPO-#{YUM_REPO}-
deltacloud_appliance.ks.new"
- if File.exists?("deltacloud") && args.force.nil?
- puts "Appliance exist, specify 'force=true' to overwrite"
- else
- sh "sudo appliance-creator -n deltacloud -c deltacloud_appliance.ks.new --vmem
1024 --cache /var/tmp/act"
- end
- end
-
- desc "deploy appliance from image"
- task :deploy => :create do
- puts "NOTE: These commands will only work if run as root, so we're using
'sudo'. You have been warned!"
- system "sudo virsh domuuid deltacloud"
- if $? == 0
- puts "Deltacloud appliance already defined, delete with 'rake
image:destroy'"
- else
- sh "sudo virt-image deltacloud/deltacloud.xml"
- sh "sudo virsh start deltacloud"
- sh "sudo virt-viewer deltacloud"
- end
- end
-
- desc "destroy appliance and image"
- task :destroy do
- puts "NOTE: These commands will only work if run as root, so we're using
'sudo'. You have been warned!"
- system "sudo virsh domuuid deltacloud"
- if $? == 0
- system "sudo virsh destroy deltacloud"
- sh "sudo virsh undefine deltacloud"
- end
- if File.exists?("deltacloud")
- sh "sudo rm -rf deltacloud"
- end
- end
-end
diff --git a/contrib/deltacloud_recipe.spec b/contrib/deltacloud_recipe.spec
new file mode 100644
index 0000000..365d802
--- /dev/null
+++ b/contrib/deltacloud_recipe.spec
@@ -0,0 +1,70 @@
+%define dchome /usr/share/deltacloud-recipe
+%define pbuild %{_builddir}/%{name}-%{version}
+
+Summary: DeltaCloud Puppet Recipe
+Name: deltacloud_recipe
+Version: 0.0.3
+Release: 1%{?dist}
+
+Group: Applications/Internet
+License: GPLv2+
+URL: http://deltacloud.org
+Source0: %{name}-%{version}.tgz
+BuildRoot: %{_tmppath}/%{name}-%{version}
+BuildArch: noarch
+Requires: ruby
+
+# We only leverage the firewall module from this,
+# not worth the overhead of pulling this in, so
+# we should implmenet our own
+Requires: ace
+
+# To send a request to iwhd rest interface to
+# create buckets, eventually replace w/ an
+# iwhd client
+Requires: curl
+
+%description
+Deltacloud Puppet Recipe
+
+%prep
+%setup -q
+
+%build
+
+%install
+rm -rf %{buildroot}
+%{__mkdir} -p %{buildroot}/%{dchome}/modules/%{name} %{buildroot}/%{_sbindir}
+%{__cp} -R %{pbuild}/%{name}/deltacloud_recipe.pp %{buildroot}/%{dchome}
+%{__cp} -R %{pbuild}/%{name}/deltacloud_uninstall.pp %{buildroot}/%{dchome}
+%{__cp} -R %{pbuild}/%{name}/*/ %{buildroot}/%{dchome}/modules/%{name}
+%{__cp} -R %{pbuild}/bin/dc-install %{buildroot}/%{_sbindir}/
+%{__cp} -R %{pbuild}/bin/dc-uninstall %{buildroot}/%{_sbindir}/
+
+%clean
+rm -rf %{buildroot}
+
+%files
+%defattr(-,root,root,-)
+%attr(0755, root, root) %{_sbindir}/dc-install
+%attr(0755, root, root) %{_sbindir}/dc-uninstall
+%{dchome}
+
+%changelog
+* Wed Sep 29 2010 Mohammed Morsi <mmorsi(a)redhat.com> 0.0.3-1
+- Renamed package from deltacloud appliance
+- to deltacloud recipe
+
+* Wed Sep 29 2010 Mohammed Morsi <mmorsi(a)redhat.com> 0.0.2-3
+- Include curl-devel for typhoeus gem
+
+* Wed Sep 29 2010 Mohammed Morsi <mmorsi(a)redhat.com> 0.0.2-2
+- Updated to pull in latest git changes
+
+* Fri Sep 17 2010 Mohammed Morsi <mmorsi(a)redhat.com> 0.0.2-1
+- Updated packages pulled in to latest versions
+- Various fixes
+- Added initial image warehouse bits
+
+* Thu Sep 02 2010 Mohammed Morsi <mmorsi(a)redhat.com> 0.0.1-1
+- Initial package
diff --git a/deltacloud_appliance.ks b/deltacloud_appliance.ks
deleted file mode 100644
index b5b7af9..0000000
--- a/deltacloud_appliance.ks
+++ /dev/null
@@ -1,125 +0,0 @@
-# Deltacloud appliance kickstart
-
-# Yum repos to use
-repo --name=f13
--mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-13&arch=$basearch
-repo --name=f13-updates
--mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f13&arch=$basearch
-repo --name=thincrust --baseurl=http://www.thincrust.net/repo/noarch/
-
-# deltacloud yum repos:
-# * ruby 1.8.7
-# * rails 2.3.8
-# * patched activerecord, haml, and puppet rpms (to fix issues)
-# * deltacloud aggregator rpms
-# * condor-dcloud and libdeltacloud
-# * hail
-repo --name=deltacloud_arch
--baseurl=http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/$basearch
-repo --name=deltacloud_noarch
--baseurl=http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/noarch
-
-repo --name=deltacloud_local --baseurl=file://DELTACLOUD_APPLIANCE_LOCAL_REPO
-
-# pull pulp in from here
-repo --name=pulp
--baseurl=http://repos.fedorapeople.org/repos/pulp/pulp/fedora-13/$basearch/
-
-# Firewall / network configuration
-firewall --enable --ssh
-network --bootproto=dhcp --device=eth0 --onboot=on
-
-# System authorization information
-auth --useshadow --enablemd5
-
-# System keyboard
-keyboard us
-
-# System language
-lang en_US.UTF-8
-
-# System timezone
-timezone US/Eastern
-
-# System bootloader configuration
-bootloader --append="5 console=tty0 console=ttyS0,115200" --location=mbr
--timeout=1
-
-# Disk partitioning information
-part / --fstype="ext3" --ondisk=sda --size=3072
-
-# No need for additional config
-firstboot --disable
-
-%post
- /sbin/chkconfig --level 35 ace on
- mkdir /etc/sysconfig/ace
- echo deltacloud_appliance >> /etc/sysconfig/ace/appliancename
-
- # start mongodb and httpd for pulp server
- /sbin/chkconfig --level 35 mongod on
- /sbin/chkconfig --level 35 httpd on
-%end
-
-%packages --excludedocs --nobase --instLangs=en
-@core
-@base-x
-@gnome-desktop
-acpid
-bash
-chkconfig
-dhclient
-e2fsprogs
-git
-gnuplot
-grub
-guestfish
-iputils
-libguestfs
-kernel
-lokkit
-parted
-passwd
-rootfiles
-rpmdevtools
-rubygem-boxgrinder-build
-rubygem-boxgrinder-build-centos-os-plugin
-rubygem-boxgrinder-build-ec2-platform-plugin
-rubygem-boxgrinder-build-fedora-os-plugin
-rubygem-boxgrinder-build-local-delivery-plugin
-rubygem-boxgrinder-build-rhel-os-plugin
-rubygem-boxgrinder-build-rpm-based-os-plugin
-rubygem-boxgrinder-build-s3-delivery-plugin
-rubygem-boxgrinder-build-sftp-delivery-plugin
-rubygem-boxgrinder-build-vmware-platform-plugin
-rubygem-boxgrinder-core
-rubygem-spqr
-rubygem-uuid
-ruby-libguestfs
-vim-enhanced
-wget
-bind-utils
-sudo
-qpidc
-qpidd
-yum
-yum-utils
-firefox
--authconfig
--checkpolicy
--dmraid
--ed
--fedora-logos
--fedora-release-notes
--kbd
--kpartx
--kudzu
--libselinux
--libselinux-python
--lvm2
--mdadm
--policycoreutils
--prelink
--selinux-policy*
--setserial
--tar
--usermode
--wireless-tools
--firstboot
-
-deltacloud_appliance
-%end
diff --git a/deltacloud_recipe.spec b/deltacloud_recipe.spec
deleted file mode 100644
index 365d802..0000000
--- a/deltacloud_recipe.spec
+++ /dev/null
@@ -1,70 +0,0 @@
-%define dchome /usr/share/deltacloud-recipe
-%define pbuild %{_builddir}/%{name}-%{version}
-
-Summary: DeltaCloud Puppet Recipe
-Name: deltacloud_recipe
-Version: 0.0.3
-Release: 1%{?dist}
-
-Group: Applications/Internet
-License: GPLv2+
-URL: http://deltacloud.org
-Source0: %{name}-%{version}.tgz
-BuildRoot: %{_tmppath}/%{name}-%{version}
-BuildArch: noarch
-Requires: ruby
-
-# We only leverage the firewall module from this,
-# not worth the overhead of pulling this in, so
-# we should implmenet our own
-Requires: ace
-
-# To send a request to iwhd rest interface to
-# create buckets, eventually replace w/ an
-# iwhd client
-Requires: curl
-
-%description
-Deltacloud Puppet Recipe
-
-%prep
-%setup -q
-
-%build
-
-%install
-rm -rf %{buildroot}
-%{__mkdir} -p %{buildroot}/%{dchome}/modules/%{name} %{buildroot}/%{_sbindir}
-%{__cp} -R %{pbuild}/%{name}/deltacloud_recipe.pp %{buildroot}/%{dchome}
-%{__cp} -R %{pbuild}/%{name}/deltacloud_uninstall.pp %{buildroot}/%{dchome}
-%{__cp} -R %{pbuild}/%{name}/*/ %{buildroot}/%{dchome}/modules/%{name}
-%{__cp} -R %{pbuild}/bin/dc-install %{buildroot}/%{_sbindir}/
-%{__cp} -R %{pbuild}/bin/dc-uninstall %{buildroot}/%{_sbindir}/
-
-%clean
-rm -rf %{buildroot}
-
-%files
-%defattr(-,root,root,-)
-%attr(0755, root, root) %{_sbindir}/dc-install
-%attr(0755, root, root) %{_sbindir}/dc-uninstall
-%{dchome}
-
-%changelog
-* Wed Sep 29 2010 Mohammed Morsi <mmorsi(a)redhat.com> 0.0.3-1
-- Renamed package from deltacloud appliance
-- to deltacloud recipe
-
-* Wed Sep 29 2010 Mohammed Morsi <mmorsi(a)redhat.com> 0.0.2-3
-- Include curl-devel for typhoeus gem
-
-* Wed Sep 29 2010 Mohammed Morsi <mmorsi(a)redhat.com> 0.0.2-2
-- Updated to pull in latest git changes
-
-* Fri Sep 17 2010 Mohammed Morsi <mmorsi(a)redhat.com> 0.0.2-1
-- Updated packages pulled in to latest versions
-- Various fixes
-- Added initial image warehouse bits
-
-* Thu Sep 02 2010 Mohammed Morsi <mmorsi(a)redhat.com> 0.0.1-1
-- Initial package
--
1.7.2.3
9:39 p.m.
New subject: [PATCH appliance 1/7] remove lingering appliance bits
On 12/22/2010 02:59 PM, Mohammed Morsi wrote:
---
.gitignore | 1 -
README | 36 +++---------
Rakefile | 48 +--------------
contrib/deltacloud_recipe.spec | 70 ++++++++++++++++++++++
deltacloud_appliance.ks | 125 ----------------------------------------
deltacloud_recipe.spec | 70 ----------------------
6 files changed, 81 insertions(+), 269 deletions(-)
create mode 100644 contrib/deltacloud_recipe.spec
delete mode 100644 deltacloud_appliance.ks
delete mode 100644 deltacloud_recipe.spec
diff --git a/.gitignore b/.gitignore
index dac3e84..50fa14f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,4 +2,3 @@ deltacloud
build/
pkg/
repo/
-deltacloud_appliance.ks.new
diff --git a/README b/README
index f25ca07..229d453 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
-The Deltacloud Recipe and Appliance
+The Deltacloud Recipe
You can find more documentation at the Deltacloud web site at
http://deltacloud.org/
@@ -7,14 +7,10 @@ http://deltacloud.org/
Prerequisites
-------------
-The deltacloud appliance makes uses of the deltacloud recipe rpm
-to install and configure all components. The appliance is built
-using the appliance tools and is deployed via libvirt
-
-See http://thincrust.net/ and http://libvirt.org/ for more information.
-
-Some commands require root access. Those commands will be executed using sudo, so
ensure that
-the user building the appliance has an appropriate entry in /etc/sudoers.
+The deltacloud recipe is a puppet module which can be used
+to install and configure deltacloud components. To make use
+of this recipe, drop it into your puppet module path or
+alternatively build and install the recipe rpm.
Building and Installing the Deltacloud Recipe
@@ -22,28 +18,12 @@ Building and Installing the Deltacloud Recipe
$ rake rpms
-The rpm will be placed into the pkg build dir, install it via yum
+The rpm will be placed into the build dir, install it via yum
$ sudo yum install --nogpgcheck \
build/rpmbuild/RPMS/noarch/deltacloud_recipe-0.0.3-1.fc13.noarch.rpm
-Install the recipe via
+Install deltacloud via the recipe via
$ sudo /usr/sbin/dc-install
-Uninstall it via
+Uninstall deltacloud via
$ sudo /usr/sbin/dc-uninstall
-
-Starting the Appliance
------------------------------------
-
-Run the following command from the appliance project checkout directory
-
-$ rake image:deploy
-
-This will start the appliance via libvirt bringing up virt-viewer for
-graphical access. If the appliance is already found running locally this
-will fail, and you will have to run the following to destroy and delete
-the appliance.
-
-$ rake image:destroy
-
-NOTE this will destroy the image, make sure to backup any changes to it
diff --git a/Rakefile b/Rakefile
index a63d18a..e5722c0 100644
--- a/Rakefile
+++ b/Rakefile
@@ -1,4 +1,4 @@
-# Deltacloud Appliance Rakefile
+# Deltacloud Recipe Rakefile
require 'rake/clean'
require 'rake/rpmtask'
@@ -8,12 +8,10 @@ CURRENT_DIR = File.dirname(__FILE__)
RPMBUILD_DIR = "#{CURRENT_DIR}/build/rpmbuild"
YUM_REPO = "#{CURRENT_DIR}/repo"
-CLEAN.include('pkg', 'build', 'repo',
'deltacloud_appliance.ks.new')
+CLEAN.include('pkg', 'build', 'repo')
CLOBBER.include('deltacloud')
PKG_NAME = "deltacloud_recipe"
-RPM_SPEC = "deltacloud_recipe.spec"
-
-task :default => :"image:create"
+RPM_SPEC = "contrib/deltacloud_recipe.spec"
# Build the rpm
Rake::RpmTask.new(RPM_SPEC) do |rpm|
@@ -26,43 +24,3 @@ end
Rake::YumTask.new(YUM_REPO) do |repo|
repo.rpms<< "#{RPMBUILD_DIR}/RPMS/noarch/#{PKG_NAME}*.rpm"
end
-
-namespace "image" do
- desc "create appliance image"
- task :create => :create_repo do |t,args|
- puts "NOTE: This command will only work if run as root, so we're using
'sudo'. You have been warned!"
- cp_r "deltacloud_appliance.ks", "deltacloud_appliance.ks.new"
- sh "sed -i s-DELTACLOUD_APPLIANCE_LOCAL_REPO-#{YUM_REPO}-
deltacloud_appliance.ks.new"
- if File.exists?("deltacloud")&& args.force.nil?
- puts "Appliance exist, specify 'force=true' to overwrite"
- else
- sh "sudo appliance-creator -n deltacloud -c deltacloud_appliance.ks.new
--vmem 1024 --cache /var/tmp/act"
- end
- end
-
- desc "deploy appliance from image"
- task :deploy => :create do
- puts "NOTE: These commands will only work if run as root, so we're using
'sudo'. You have been warned!"
- system "sudo virsh domuuid deltacloud"
- if $? == 0
- puts "Deltacloud appliance already defined, delete with 'rake
image:destroy'"
- else
- sh "sudo virt-image deltacloud/deltacloud.xml"
- sh "sudo virsh start deltacloud"
- sh "sudo virt-viewer deltacloud"
- end
- end
-
- desc "destroy appliance and image"
- task :destroy do
- puts "NOTE: These commands will only work if run as root, so we're using
'sudo'. You have been warned!"
- system "sudo virsh domuuid deltacloud"
- if $? == 0
- system "sudo virsh destroy deltacloud"
- sh "sudo virsh undefine deltacloud"
- end
- if File.exists?("deltacloud")
- sh "sudo rm -rf deltacloud"
- end
- end
-end
diff --git a/contrib/deltacloud_recipe.spec b/contrib/deltacloud_recipe.spec
new file mode 100644
index 0000000..365d802
--- /dev/null
+++ b/contrib/deltacloud_recipe.spec
@@ -0,0 +1,70 @@
+%define dchome /usr/share/deltacloud-recipe
+%define pbuild %{_builddir}/%{name}-%{version}
+
+Summary: DeltaCloud Puppet Recipe
+Name: deltacloud_recipe
+Version: 0.0.3
+Release: 1%{?dist}
+
+Group: Applications/Internet
+License: GPLv2+
+URL: http://deltacloud.org
+Source0: %{name}-%{version}.tgz
+BuildRoot: %{_tmppath}/%{name}-%{version}
+BuildArch: noarch
+Requires: ruby
+
+# We only leverage the firewall module from this,
+# not worth the overhead of pulling this in, so
+# we should implmenet our own
+Requires: ace
+
+# To send a request to iwhd rest interface to
+# create buckets, eventually replace w/ an
+# iwhd client
+Requires: curl
+
+%description
+Deltacloud Puppet Recipe
+
+%prep
+%setup -q
+
+%build
+
+%install
+rm -rf %{buildroot}
+%{__mkdir} -p %{buildroot}/%{dchome}/modules/%{name} %{buildroot}/%{_sbindir}
+%{__cp} -R %{pbuild}/%{name}/deltacloud_recipe.pp %{buildroot}/%{dchome}
+%{__cp} -R %{pbuild}/%{name}/deltacloud_uninstall.pp %{buildroot}/%{dchome}
+%{__cp} -R %{pbuild}/%{name}/*/ %{buildroot}/%{dchome}/modules/%{name}
+%{__cp} -R %{pbuild}/bin/dc-install %{buildroot}/%{_sbindir}/
+%{__cp} -R %{pbuild}/bin/dc-uninstall %{buildroot}/%{_sbindir}/
+
+%clean
+rm -rf %{buildroot}
+
+%files
+%defattr(-,root,root,-)
+%attr(0755, root, root) %{_sbindir}/dc-install
+%attr(0755, root, root) %{_sbindir}/dc-uninstall
+%{dchome}
+
+%changelog
+* Wed Sep 29 2010 Mohammed Morsi<mmorsi(a)redhat.com> 0.0.3-1
+- Renamed package from deltacloud appliance
+- to deltacloud recipe
+
+* Wed Sep 29 2010 Mohammed Morsi<mmorsi(a)redhat.com> 0.0.2-3
+- Include curl-devel for typhoeus gem
+
+* Wed Sep 29 2010 Mohammed Morsi<mmorsi(a)redhat.com> 0.0.2-2
+- Updated to pull in latest git changes
+
+* Fri Sep 17 2010 Mohammed Morsi<mmorsi(a)redhat.com> 0.0.2-1
+- Updated packages pulled in to latest versions
+- Various fixes
+- Added initial image warehouse bits
+
+* Thu Sep 02 2010 Mohammed Morsi<mmorsi(a)redhat.com> 0.0.1-1
+- Initial package
diff --git a/deltacloud_appliance.ks b/deltacloud_appliance.ks
deleted file mode 100644
index b5b7af9..0000000
--- a/deltacloud_appliance.ks
+++ /dev/null
@@ -1,125 +0,0 @@
-# Deltacloud appliance kickstart
-
-# Yum repos to use
-repo --name=f13
--mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-13&arch=$basearch
-repo --name=f13-updates
--mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f13&arch=$basearch
-repo --name=thincrust --baseurl=http://www.thincrust.net/repo/noarch/
-
-# deltacloud yum repos:
-# * ruby 1.8.7
-# * rails 2.3.8
-# * patched activerecord, haml, and puppet rpms (to fix issues)
-# * deltacloud aggregator rpms
-# * condor-dcloud and libdeltacloud
-# * hail
-repo --name=deltacloud_arch
--baseurl=http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/$basearch
-repo --name=deltacloud_noarch
--baseurl=http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/noarch
-
-repo --name=deltacloud_local --baseurl=file://DELTACLOUD_APPLIANCE_LOCAL_REPO
-
-# pull pulp in from here
-repo --name=pulp
--baseurl=http://repos.fedorapeople.org/repos/pulp/pulp/fedora-13/$basearch/
-
-# Firewall / network configuration
-firewall --enable --ssh
-network --bootproto=dhcp --device=eth0 --onboot=on
-
-# System authorization information
-auth --useshadow --enablemd5
-
-# System keyboard
-keyboard us
-
-# System language
-lang en_US.UTF-8
-
-# System timezone
-timezone US/Eastern
-
-# System bootloader configuration
-bootloader --append="5 console=tty0 console=ttyS0,115200" --location=mbr
--timeout=1
-
-# Disk partitioning information
-part / --fstype="ext3" --ondisk=sda --size=3072
-
-# No need for additional config
-firstboot --disable
-
-%post
- /sbin/chkconfig --level 35 ace on
- mkdir /etc/sysconfig/ace
- echo deltacloud_appliance>> /etc/sysconfig/ace/appliancename
-
- # start mongodb and httpd for pulp server
- /sbin/chkconfig --level 35 mongod on
- /sbin/chkconfig --level 35 httpd on
-%end
-
-%packages --excludedocs --nobase --instLangs=en
-@core
-@base-x
-@gnome-desktop
-acpid
-bash
-chkconfig
-dhclient
-e2fsprogs
-git
-gnuplot
-grub
-guestfish
-iputils
-libguestfs
-kernel
-lokkit
-parted
-passwd
-rootfiles
-rpmdevtools
-rubygem-boxgrinder-build
-rubygem-boxgrinder-build-centos-os-plugin
-rubygem-boxgrinder-build-ec2-platform-plugin
-rubygem-boxgrinder-build-fedora-os-plugin
-rubygem-boxgrinder-build-local-delivery-plugin
-rubygem-boxgrinder-build-rhel-os-plugin
-rubygem-boxgrinder-build-rpm-based-os-plugin
-rubygem-boxgrinder-build-s3-delivery-plugin
-rubygem-boxgrinder-build-sftp-delivery-plugin
-rubygem-boxgrinder-build-vmware-platform-plugin
-rubygem-boxgrinder-core
-rubygem-spqr
-rubygem-uuid
-ruby-libguestfs
-vim-enhanced
-wget
-bind-utils
-sudo
-qpidc
-qpidd
-yum
-yum-utils
-firefox
--authconfig
--checkpolicy
--dmraid
--ed
--fedora-logos
--fedora-release-notes
--kbd
--kpartx
--kudzu
--libselinux
--libselinux-python
--lvm2
--mdadm
--policycoreutils
--prelink
--selinux-policy*
--setserial
--tar
--usermode
--wireless-tools
--firstboot
-
-deltacloud_appliance
-%end
diff --git a/deltacloud_recipe.spec b/deltacloud_recipe.spec
deleted file mode 100644
index 365d802..0000000
--- a/deltacloud_recipe.spec
+++ /dev/null
@@ -1,70 +0,0 @@
-%define dchome /usr/share/deltacloud-recipe
-%define pbuild %{_builddir}/%{name}-%{version}
-
-Summary: DeltaCloud Puppet Recipe
-Name: deltacloud_recipe
-Version: 0.0.3
-Release: 1%{?dist}
-
-Group: Applications/Internet
-License: GPLv2+
-URL: http://deltacloud.org
-Source0: %{name}-%{version}.tgz
-BuildRoot: %{_tmppath}/%{name}-%{version}
-BuildArch: noarch
-Requires: ruby
-
-# We only leverage the firewall module from this,
-# not worth the overhead of pulling this in, so
-# we should implmenet our own
-Requires: ace
-
-# To send a request to iwhd rest interface to
-# create buckets, eventually replace w/ an
-# iwhd client
-Requires: curl
-
-%description
-Deltacloud Puppet Recipe
-
-%prep
-%setup -q
-
-%build
-
-%install
-rm -rf %{buildroot}
-%{__mkdir} -p %{buildroot}/%{dchome}/modules/%{name} %{buildroot}/%{_sbindir}
-%{__cp} -R %{pbuild}/%{name}/deltacloud_recipe.pp %{buildroot}/%{dchome}
-%{__cp} -R %{pbuild}/%{name}/deltacloud_uninstall.pp %{buildroot}/%{dchome}
-%{__cp} -R %{pbuild}/%{name}/*/ %{buildroot}/%{dchome}/modules/%{name}
-%{__cp} -R %{pbuild}/bin/dc-install %{buildroot}/%{_sbindir}/
-%{__cp} -R %{pbuild}/bin/dc-uninstall %{buildroot}/%{_sbindir}/
-
-%clean
-rm -rf %{buildroot}
-
-%files
-%defattr(-,root,root,-)
-%attr(0755, root, root) %{_sbindir}/dc-install
-%attr(0755, root, root) %{_sbindir}/dc-uninstall
-%{dchome}
-
-%changelog
-* Wed Sep 29 2010 Mohammed Morsi<mmorsi(a)redhat.com> 0.0.3-1
-- Renamed package from deltacloud appliance
-- to deltacloud recipe
-
-* Wed Sep 29 2010 Mohammed Morsi<mmorsi(a)redhat.com> 0.0.2-3
-- Include curl-devel for typhoeus gem
-
-* Wed Sep 29 2010 Mohammed Morsi<mmorsi(a)redhat.com> 0.0.2-2
-- Updated to pull in latest git changes
-
-* Fri Sep 17 2010 Mohammed Morsi<mmorsi(a)redhat.com> 0.0.2-1
-- Updated packages pulled in to latest versions
-- Various fixes
-- Added initial image warehouse bits
-
-* Thu Sep 02 2010 Mohammed Morsi<mmorsi(a)redhat.com> 0.0.1-1
-- Initial package
ACK
1:59 p.m.
New subject: [PATCH appliance 2/7] improve rpm and yum tasks
- decouple yum create_repo task from rpms task and just
have it depend on the rpm file existance
- parse dist out from rpm macros config instead of hard coding it
---
Rakefile | 3 ++-
rake/rpmtask.rb | 20 +++++++++++++++-----
rake/yumtask.rb | 3 +--
3 files changed, 18 insertions(+), 8 deletions(-)
diff --git a/Rakefile b/Rakefile
index e5722c0..cd96a85 100644
--- a/Rakefile
+++ b/Rakefile
@@ -14,6 +14,7 @@ PKG_NAME = "deltacloud_recipe"
RPM_SPEC = "contrib/deltacloud_recipe.spec"
# Build the rpm
+rpm_task =
Rake::RpmTask.new(RPM_SPEC) do |rpm|
rpm.need_tar = true
rpm.package_files.include("bin/*", "#{PKG_NAME}/**/*")
@@ -22,5 +23,5 @@ end
# Construct yum repo
Rake::YumTask.new(YUM_REPO) do |repo|
- repo.rpms << "#{RPMBUILD_DIR}/RPMS/noarch/#{PKG_NAME}*.rpm"
+ repo.rpms << rpm_task.rpm_file
end
diff --git a/rake/rpmtask.rb b/rake/rpmtask.rb
index c836ce9..ff2ee66 100644
--- a/rake/rpmtask.rb
+++ b/rake/rpmtask.rb
@@ -27,6 +27,13 @@ module Rake
def init(rpm_spec)
@rpm_spec = rpm_spec
+ # parse this out of the rpmbuild macros,
+ # not ideal but better than hardcoding this
+ File.open('/etc/rpm/macros.dist', "r") { |f|
+ f.read.scan(/%dist\s*\.(.*)\n/)
+ @distro = $1
+ }
+
# Parse rpm name / version out of spec
# FIXME hacky way to do this for now
# (would be nice to implement a full blown rpm spec parser for ruby)
@@ -35,14 +42,14 @@ module Rake
@name = contents.scan(/\nName: .*\n/).first.split.last
@version = contents.scan(/\nVersion: .*\n/).first.split.last
@release = contents.scan(/\nRelease: .*\n/).first.split.last
- @arch = contents.scan(/\nBuildArch: .*\n/)
+ @release.gsub!("%{?dist}", ".#{@distro}")
+ @arch = contents.scan(/\nBuildArch: .*\n/) # TODO grab local arch if not
defined
if @arch.nil?
@arch = Config::CONFIG["target_cpu"] # hoping this will work for all
cases,
# can just run the 'arch' cmd if
we want
else
@arch = @arch.first.split.last
end
- @distro = 'fc13' # FIXME shouldn't be hardcoded
}
super(@name, @version)
@@ -55,17 +62,20 @@ module Rake
directory "#{@topdir}/SOURCES"
directory "#{@topdir}/SPECS"
- # FIXME support all a spec's subpackages as well
- rpm_file =
"#{@topdir}/RPMS/#{@arch}/#{@name}-#{@version}-#{@release}.#{@distro}.#{(a)arch}.rpm"
desc "Build the rpms"
task :rpms => [rpm_file]
- # FIXME properly determine :package build artifact(s) to copy to sources dir, allow
users to specify others
+ # FIXME properly determine :package build artifact(s) to copy to sources dir
file rpm_file => [:package, "#{@topdir}/SOURCES",
"#{@topdir}/SPECS"] do
cp "#{package_dir}/#{@name}-#{(a)version}.tgz",
"#{@topdir}/SOURCES/"
cp @rpm_spec, "#{@topdir}/SPECS"
sh "#{@rpmbuild_cmd} --define '_topdir #{@topdir}' -ba
#{@rpm_spec}"
end
end
+
+ def rpm_file
+ # FIXME support all a spec's subpackages as well
+ "#{@topdir}/RPMS/#{@arch}/#{@name}-#{@version}-#{@release}.#{(a)arch}.rpm"
+ end
end
end
diff --git a/rake/yumtask.rb b/rake/yumtask.rb
index aebecab..9b713ea 100644
--- a/rake/yumtask.rb
+++ b/rake/yumtask.rb
@@ -28,9 +28,8 @@ module Rake
def define
desc "Build the yum repo"
- task :create_repo => :rpms do
+ task :create_repo => @rpms do
@rpms.each { |rpm|
- rpm = Dir.glob(rpm).first
rpmc = rpm.split('.')
arch = rpmc[rpmc.size-2]
arch_dir = @yum_repo + "/" + arch
--
1.7.2.3
9:40 p.m.
New subject: [PATCH appliance 2/7] improve rpm and yum tasks
On 12/22/2010 02:59 PM, Mohammed Morsi wrote:
- decouple yum create_repo task from rpms task and just
have it depend on the rpm file existance
- parse dist out from rpm macros config instead of hard coding it
---
Rakefile | 3 ++-
rake/rpmtask.rb | 20 +++++++++++++++-----
rake/yumtask.rb | 3 +--
3 files changed, 18 insertions(+), 8 deletions(-)
diff --git a/Rakefile b/Rakefile
index e5722c0..cd96a85 100644
--- a/Rakefile
+++ b/Rakefile
@@ -14,6 +14,7 @@ PKG_NAME = "deltacloud_recipe"
RPM_SPEC = "contrib/deltacloud_recipe.spec"
# Build the rpm
+rpm_task =
Rake::RpmTask.new(RPM_SPEC) do |rpm|
rpm.need_tar = true
rpm.package_files.include("bin/*", "#{PKG_NAME}/**/*")
@@ -22,5 +23,5 @@ end
# Construct yum repo
Rake::YumTask.new(YUM_REPO) do |repo|
- repo.rpms<< "#{RPMBUILD_DIR}/RPMS/noarch/#{PKG_NAME}*.rpm"
+ repo.rpms<< rpm_task.rpm_file
end
diff --git a/rake/rpmtask.rb b/rake/rpmtask.rb
index c836ce9..ff2ee66 100644
--- a/rake/rpmtask.rb
+++ b/rake/rpmtask.rb
@@ -27,6 +27,13 @@ module Rake
def init(rpm_spec)
@rpm_spec = rpm_spec
+ # parse this out of the rpmbuild macros,
+ # not ideal but better than hardcoding this
+ File.open('/etc/rpm/macros.dist', "r") { |f|
+ f.read.scan(/%dist\s*\.(.*)\n/)
+ @distro = $1
+ }
+
# Parse rpm name / version out of spec
# FIXME hacky way to do this for now
# (would be nice to implement a full blown rpm spec parser for ruby)
@@ -35,14 +42,14 @@ module Rake
@name = contents.scan(/\nName: .*\n/).first.split.last
@version = contents.scan(/\nVersion: .*\n/).first.split.last
@release = contents.scan(/\nRelease: .*\n/).first.split.last
- @arch = contents.scan(/\nBuildArch: .*\n/)
+ @release.gsub!("%{?dist}", ".#{@distro}")
+ @arch = contents.scan(/\nBuildArch: .*\n/) # TODO grab local arch if not
defined
if @arch.nil?
@arch = Config::CONFIG["target_cpu"] # hoping this will work for
all cases,
# can just run the 'arch' cmd if
we want
else
@arch = @arch.first.split.last
end
- @distro = 'fc13' # FIXME shouldn't be hardcoded
}
super(@name, @version)
@@ -55,17 +62,20 @@ module Rake
directory "#{@topdir}/SOURCES"
directory "#{@topdir}/SPECS"
- # FIXME support all a spec's subpackages as well
- rpm_file =
"#{@topdir}/RPMS/#{@arch}/#{@name}-#{@version}-#{@release}.#{@distro}.#{(a)arch}.rpm"
desc "Build the rpms"
task :rpms => [rpm_file]
- # FIXME properly determine :package build artifact(s) to copy to sources dir,
allow users to specify others
+ # FIXME properly determine :package build artifact(s) to copy to sources dir
file rpm_file => [:package, "#{@topdir}/SOURCES",
"#{@topdir}/SPECS"] do
cp "#{package_dir}/#{@name}-#{(a)version}.tgz",
"#{@topdir}/SOURCES/"
cp @rpm_spec, "#{@topdir}/SPECS"
sh "#{@rpmbuild_cmd} --define '_topdir #{@topdir}' -ba
#{@rpm_spec}"
end
end
+
+ def rpm_file
+ # FIXME support all a spec's subpackages as well
+
"#{@topdir}/RPMS/#{@arch}/#{@name}-#{@version}-#{@release}.#{(a)arch}.rpm"
+ end
end
end
diff --git a/rake/yumtask.rb b/rake/yumtask.rb
index aebecab..9b713ea 100644
--- a/rake/yumtask.rb
+++ b/rake/yumtask.rb
@@ -28,9 +28,8 @@ module Rake
def define
desc "Build the yum repo"
- task :create_repo => :rpms do
+ task :create_repo => @rpms do
@rpms.each { |rpm|
- rpm = Dir.glob(rpm).first
rpmc = rpm.split('.')
arch = rpmc[rpmc.size-2]
arch_dir = @yum_repo + "/" + arch
ACK
1:59 p.m.
New subject: [PATCH appliance 3/7] introduce firewall, ntp, postgres puppet recipes
move deltacloud recipe to the recipes directory
---
Rakefile | 2 +-
contrib/deltacloud_recipe.spec | 9 +-
deltacloud_recipe/deltacloud_recipe.pp | 55 ---
deltacloud_recipe/deltacloud_stop_services.pp | 32 --
deltacloud_recipe/deltacloud_uninstall.pp | 41 --
deltacloud_recipe/files/condor_config.local | 26 --
deltacloud_recipe/files/deltacloud-core | 76 ----
deltacloud_recipe/files/imagefactory.yml | 12 -
deltacloud_recipe/files/iwhd-conf.js | 7 -
deltacloud_recipe/files/iwhd.init | 73 ----
deltacloud_recipe/files/pg_hba.conf | 2 -
deltacloud_recipe/files/qpidd.conf | 25 --
.../files/root-boxgrinder-plugins-local | 3 -
deltacloud_recipe/manifests/deltacloud.pp | 382 --------------------
deltacloud_recipe/manifests/postgres.pp | 38 --
deltacloud_recipe/manifests/rails.pp | 24 --
deltacloud_recipe/manifests/selinux.pp | 11 -
deltacloud_recipe/manifests/time.pp | 8 -
recipes/deltacloud_recipe/deltacloud_recipe.pp | 55 +++
.../deltacloud_recipe/deltacloud_stop_services.pp | 32 ++
recipes/deltacloud_recipe/deltacloud_uninstall.pp | 41 ++
.../deltacloud_recipe/files/condor_config.local | 26 ++
recipes/deltacloud_recipe/files/deltacloud-core | 76 ++++
recipes/deltacloud_recipe/files/imagefactory.yml | 12 +
recipes/deltacloud_recipe/files/iwhd-conf.js | 7 +
recipes/deltacloud_recipe/files/iwhd.init | 73 ++++
recipes/deltacloud_recipe/files/pg_hba.conf | 2 +
recipes/deltacloud_recipe/files/qpidd.conf | 25 ++
.../files/root-boxgrinder-plugins-local | 3 +
recipes/deltacloud_recipe/manifests/deltacloud.pp | 382 ++++++++++++++++++++
recipes/deltacloud_recipe/manifests/postgres.pp | 38 ++
recipes/deltacloud_recipe/manifests/rails.pp | 24 ++
recipes/deltacloud_recipe/manifests/selinux.pp | 11 +
recipes/deltacloud_recipe/manifests/time.pp | 8 +
recipes/firewall/README | 1 +
.../firewall/files/chain_rules/filter/FORWARD.head | 1 +
.../firewall/files/chain_rules/filter/FORWARD.tail | 1 +
.../firewall/files/chain_rules/filter/INPUT.head | 8 +
.../firewall/files/chain_rules/filter/INPUT.tail | 3 +
.../firewall/files/chain_rules/filter/OUTPUT.head | 1 +
.../firewall/files/chain_rules/filter/OUTPUT.tail | 1 +
.../firewall/files/chain_rules/mangle/FORWARD.head | 1 +
.../firewall/files/chain_rules/mangle/FORWARD.tail | 1 +
.../firewall/files/chain_rules/mangle/INPUT.head | 1 +
.../firewall/files/chain_rules/mangle/INPUT.tail | 1 +
.../files/chain_rules/mangle/POSTROUTING.head | 1 +
.../files/chain_rules/mangle/POSTROUTING.tail | 1 +
recipes/firewall/files/chain_rules/nat/OUTPUT.head | 1 +
recipes/firewall/files/chain_rules/nat/OUTPUT.tail | 1 +
.../files/chain_rules/nat/POSTROUTING.head | 1 +
.../files/chain_rules/nat/POSTROUTING.tail | 1 +
.../firewall/files/chain_rules/nat/PREROUTING.head | 1 +
.../firewall/files/chain_rules/nat/PREROUTING.tail | 1 +
recipes/firewall/files/chain_rules/raw/OUTPUT.head | 1 +
recipes/firewall/files/chain_rules/raw/OUTPUT.tail | 1 +
.../firewall/files/chain_rules/raw/PREROUTING.head | 1 +
.../firewall/files/chain_rules/raw/PREROUTING.tail | 1 +
recipes/firewall/files/iptables-update.sh | 200 ++++++++++
recipes/firewall/manifests/defines.pp | 77 ++++
recipes/firewall/manifests/init.pp | 102 ++++++
recipes/firewall/templates/rule.erb | 70 ++++
recipes/ntp/manifests/init.pp | 45 +++
recipes/ntp/templates/ntp.conf | 5 +
recipes/ntp/templates/step-tickers | 4 +
recipes/postgres/files/pg_hba.conf | 8 +
recipes/postgres/manifests/init.pp | 70 ++++
.../puppet/provider/pgsql_database/pgsql.rb | 64 ++++
.../plugins/puppet/provider/pgsql_grant/pgsql.rb | 155 ++++++++
.../plugins/puppet/provider/pgsql_user/pgsql.rb | 127 +++++++
.../postgres/plugins/puppet/type/pgsql_database.rb | 14 +
.../postgres/plugins/puppet/type/pgsql_grant.rb | 77 ++++
recipes/postgres/plugins/puppet/type/pgsql_user.rb | 48 +++
72 files changed, 1920 insertions(+), 819 deletions(-)
delete mode 100644 deltacloud_recipe/deltacloud_recipe.pp
delete mode 100644 deltacloud_recipe/deltacloud_stop_services.pp
delete mode 100644 deltacloud_recipe/deltacloud_uninstall.pp
delete mode 100644 deltacloud_recipe/files/condor_config.local
delete mode 100755 deltacloud_recipe/files/deltacloud-core
delete mode 100644 deltacloud_recipe/files/imagefactory.yml
delete mode 100644 deltacloud_recipe/files/iwhd-conf.js
delete mode 100755 deltacloud_recipe/files/iwhd.init
delete mode 100644 deltacloud_recipe/files/pg_hba.conf
delete mode 100644 deltacloud_recipe/files/qpidd.conf
delete mode 100644 deltacloud_recipe/files/root-boxgrinder-plugins-local
delete mode 100644 deltacloud_recipe/manifests/deltacloud.pp
delete mode 100644 deltacloud_recipe/manifests/postgres.pp
delete mode 100644 deltacloud_recipe/manifests/rails.pp
delete mode 100644 deltacloud_recipe/manifests/selinux.pp
delete mode 100644 deltacloud_recipe/manifests/time.pp
create mode 100644 recipes/deltacloud_recipe/deltacloud_recipe.pp
create mode 100644 recipes/deltacloud_recipe/deltacloud_stop_services.pp
create mode 100644 recipes/deltacloud_recipe/deltacloud_uninstall.pp
create mode 100644 recipes/deltacloud_recipe/files/condor_config.local
create mode 100755 recipes/deltacloud_recipe/files/deltacloud-core
create mode 100644 recipes/deltacloud_recipe/files/imagefactory.yml
create mode 100644 recipes/deltacloud_recipe/files/iwhd-conf.js
create mode 100755 recipes/deltacloud_recipe/files/iwhd.init
create mode 100644 recipes/deltacloud_recipe/files/pg_hba.conf
create mode 100644 recipes/deltacloud_recipe/files/qpidd.conf
create mode 100644 recipes/deltacloud_recipe/files/root-boxgrinder-plugins-local
create mode 100644 recipes/deltacloud_recipe/manifests/deltacloud.pp
create mode 100644 recipes/deltacloud_recipe/manifests/postgres.pp
create mode 100644 recipes/deltacloud_recipe/manifests/rails.pp
create mode 100644 recipes/deltacloud_recipe/manifests/selinux.pp
create mode 100644 recipes/deltacloud_recipe/manifests/time.pp
create mode 100644 recipes/firewall/README
create mode 100644 recipes/firewall/files/chain_rules/filter/FORWARD.head
create mode 100644 recipes/firewall/files/chain_rules/filter/FORWARD.tail
create mode 100644 recipes/firewall/files/chain_rules/filter/INPUT.head
create mode 100644 recipes/firewall/files/chain_rules/filter/INPUT.tail
create mode 100644 recipes/firewall/files/chain_rules/filter/OUTPUT.head
create mode 100644 recipes/firewall/files/chain_rules/filter/OUTPUT.tail
create mode 100644 recipes/firewall/files/chain_rules/mangle/FORWARD.head
create mode 100644 recipes/firewall/files/chain_rules/mangle/FORWARD.tail
create mode 100644 recipes/firewall/files/chain_rules/mangle/INPUT.head
create mode 100644 recipes/firewall/files/chain_rules/mangle/INPUT.tail
create mode 100644 recipes/firewall/files/chain_rules/mangle/POSTROUTING.head
create mode 100644 recipes/firewall/files/chain_rules/mangle/POSTROUTING.tail
create mode 100644 recipes/firewall/files/chain_rules/nat/OUTPUT.head
create mode 100644 recipes/firewall/files/chain_rules/nat/OUTPUT.tail
create mode 100644 recipes/firewall/files/chain_rules/nat/POSTROUTING.head
create mode 100644 recipes/firewall/files/chain_rules/nat/POSTROUTING.tail
create mode 100644 recipes/firewall/files/chain_rules/nat/PREROUTING.head
create mode 100644 recipes/firewall/files/chain_rules/nat/PREROUTING.tail
create mode 100644 recipes/firewall/files/chain_rules/raw/OUTPUT.head
create mode 100644 recipes/firewall/files/chain_rules/raw/OUTPUT.tail
create mode 100644 recipes/firewall/files/chain_rules/raw/PREROUTING.head
create mode 100644 recipes/firewall/files/chain_rules/raw/PREROUTING.tail
create mode 100644 recipes/firewall/files/iptables-update.sh
create mode 100644 recipes/firewall/manifests/defines.pp
create mode 100644 recipes/firewall/manifests/init.pp
create mode 100644 recipes/firewall/templates/rule.erb
create mode 100644 recipes/ntp/README
create mode 100644 recipes/ntp/manifests/init.pp
create mode 100644 recipes/ntp/templates/ntp.conf
create mode 100644 recipes/ntp/templates/step-tickers
create mode 100644 recipes/postgres/README
create mode 100644 recipes/postgres/files/pg_hba.conf
create mode 100644 recipes/postgres/manifests/init.pp
create mode 100644 recipes/postgres/plugins/puppet/provider/pgsql_database/pgsql.rb
create mode 100644 recipes/postgres/plugins/puppet/provider/pgsql_grant/pgsql.rb
create mode 100644 recipes/postgres/plugins/puppet/provider/pgsql_user/pgsql.rb
create mode 100644 recipes/postgres/plugins/puppet/type/pgsql_database.rb
create mode 100644 recipes/postgres/plugins/puppet/type/pgsql_grant.rb
create mode 100644 recipes/postgres/plugins/puppet/type/pgsql_user.rb
diff --git a/Rakefile b/Rakefile
index cd96a85..18ba513 100644
--- a/Rakefile
+++ b/Rakefile
@@ -17,7 +17,7 @@ RPM_SPEC = "contrib/deltacloud_recipe.spec"
rpm_task =
Rake::RpmTask.new(RPM_SPEC) do |rpm|
rpm.need_tar = true
- rpm.package_files.include("bin/*", "#{PKG_NAME}/**/*")
+ rpm.package_files.include("bin/*", "recipes/**/*")
rpm.topdir = "#{RPMBUILD_DIR}"
end
diff --git a/contrib/deltacloud_recipe.spec b/contrib/deltacloud_recipe.spec
index 365d802..882013a 100644
--- a/contrib/deltacloud_recipe.spec
+++ b/contrib/deltacloud_recipe.spec
@@ -35,9 +35,12 @@ Deltacloud Puppet Recipe
%install
rm -rf %{buildroot}
%{__mkdir} -p %{buildroot}/%{dchome}/modules/%{name} %{buildroot}/%{_sbindir}
-%{__cp} -R %{pbuild}/%{name}/deltacloud_recipe.pp %{buildroot}/%{dchome}
-%{__cp} -R %{pbuild}/%{name}/deltacloud_uninstall.pp %{buildroot}/%{dchome}
-%{__cp} -R %{pbuild}/%{name}/*/ %{buildroot}/%{dchome}/modules/%{name}
+%{__cp} -R %{pbuild}/recipes/%{name}/deltacloud_recipe.pp %{buildroot}/%{dchome}
+%{__cp} -R %{pbuild}/recipes/%{name}/deltacloud_uninstall.pp %{buildroot}/%{dchome}
+%{__cp} -R %{pbuild}/recipes/%{name}/*/ %{buildroot}/%{dchome}/modules/%{name}
+%{__cp} -R %{pbuild}/recipes/firewall/ %{buildroot}/%{dchome}/modules/firewall
+%{__cp} -R %{pbuild}/recipes/ntp/ %{buildroot}/%{dchome}/modules/ntp
+%{__cp} -R %{pbuild}/recipes/postgres/ %{buildroot}/%{dchome}/modules/postgres
%{__cp} -R %{pbuild}/bin/dc-install %{buildroot}/%{_sbindir}/
%{__cp} -R %{pbuild}/bin/dc-uninstall %{buildroot}/%{_sbindir}/
diff --git a/deltacloud_recipe/deltacloud_recipe.pp
b/deltacloud_recipe/deltacloud_recipe.pp
deleted file mode 100644
index d7e8765..0000000
--- a/deltacloud_recipe/deltacloud_recipe.pp
+++ /dev/null
@@ -1,55 +0,0 @@
-#--
-# Copyright (C) 2010 Red Hat Inc.
-#
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 2.1 of the License, or (at your option) any later version.
-#
-# This library is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public
-# License along with this library; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
-# Author: Mohammed Morsi <mmorsi(a)redhat.com>
-#--
-
-#
-# deltacloud installation recipe
-#
-
-# Modules used by the recipe
-import "deltacloud_recipe/deltacloud"
-
-# setup the deltacloud repositories
-dc::repos{"deltacloud":}
-
-# install deltacloud components
-dc::package::install{["aggregator", "core"]:
- require => Dc::Repos["deltacloud"]}
-
-# setup selinux
-dc::selinux{'deltacloud':}
-
-# setup the firewall
-dc::firewall{'deltacloud':}
-
-# setup deltacloud db
-dc::db{"postgres":}
-
-# start deltacloud services
-dc::service::start{["aggregator", "core", 'iwhd',
'image-factory']:}
-
-# create bucket in image warehouse
-dc::create_bucket{"deltacloud":}
-
-# Create dcuser aggregator web user
-dc::site_admin{"admin":
- email => 'dcuser(a)deltacloud.org',
- password => 'password',
- first_name => 'deltacloud',
- last_name => 'user'}
diff --git a/deltacloud_recipe/deltacloud_stop_services.pp
b/deltacloud_recipe/deltacloud_stop_services.pp
deleted file mode 100644
index 71cb1bf..0000000
--- a/deltacloud_recipe/deltacloud_stop_services.pp
+++ /dev/null
@@ -1,32 +0,0 @@
-#--
-# Copyright (C) 2010 Red Hat Inc.
-#
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 2.1 of the License, or (at your option) any later version.
-#
-# This library is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public
-# License along with this library; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
-# Author: Mohammed Morsi <mmorsi(a)redhat.com>
-#--
-
-#
-# deltacloud uninstallation recipe
-#
-
-# Modules used by the recipe
-import "deltacloud_recipe/deltacloud"
-
-$services = ["aggregator", "core", 'iwhd',
'image-factory']
-
-# stop deltacloud services
-dc::service{$services:
- ensure => 'stopped', enable => false}
diff --git a/deltacloud_recipe/deltacloud_uninstall.pp
b/deltacloud_recipe/deltacloud_uninstall.pp
deleted file mode 100644
index b39d423..0000000
--- a/deltacloud_recipe/deltacloud_uninstall.pp
+++ /dev/null
@@ -1,41 +0,0 @@
-#--
-# Copyright (C) 2010 Red Hat Inc.
-#
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 2.1 of the License, or (at your option) any later version.
-#
-# This library is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public
-# License along with this library; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-#
-# Author: Mohammed Morsi <mmorsi(a)redhat.com>
-#--
-
-#
-# deltacloud uninstallation recipe
-#
-
-# Modules used by the recipe
-import "deltacloud_recipe/deltacloud"
-
-$packages = ["aggregator", "core"]
-
-# stop deltacloud services
-dc::service::stop{["aggregator", "core", 'iwhd',
'image-factory']:}
-
-# destroy deltacloud db
-dc::db::destroy{"postgres":
- require => Dc::Service::Stop['aggregator']}
-
-# install deltacloud components
-dc::package::uninstall{$packages:
- require => Dc::Db::Destroy['postgres']}
-
-dc::cleanup{"deltacloud": require => Dc::Package::Uninstall[$packages]}
diff --git a/deltacloud_recipe/files/condor_config.local
b/deltacloud_recipe/files/condor_config.local
deleted file mode 100644
index d9d50c5..0000000
--- a/deltacloud_recipe/files/condor_config.local
+++ /dev/null
@@ -1,26 +0,0 @@
-CONDOR_HOST = $(FULL_HOSTNAME)
-ALLOW_WRITE = *
-
-DAEMON_LIST = MASTER, SCHEDD, COLLECTOR, NEGOTIATOR, STARTD
-
-MAX_GRIDMANAGER_LOG = 500000000
-GRIDMANAGER_JOB_PROBE_INTERVAL = 30
-
-GRIDMANAGER_DEBUG = D_FULLDEBUG
-NEGOTIATOR_DEBUG = D_FULLDEBUG
-COLLECTOR_DEBUG = D_FULLDEBUG
-
-DCLOUD_GAHP = $(SBIN)/dcloud_gahp
-
-CLASSAD_LIFETIME = 0
-
-# for re-advertising classads (i.e. condor_refreshd)
-CONDOR_DEVELOPERS_COLLECTOR = localhost:7890
-COLLECTOR_UPDATE_INTERVAL = 900
-
-# for the event log parsing (i.e. dbomatic)
-EVENT_LOG=$(LOG)/EventLog
-EVENT_LOG_USE_XML=True
-EVENT_LOG_JOB_AD_INFORMATION_ATTRS=Owner,GlobalJobId,Cmd,JobStartDate,JobCurrentStartDate,JobFinishedHookDone
-
-CLASSAD_USER_LIBS =
/usr/share/deltacloud-aggregator/classad_plugin/deltacloud_classad_plugin.so
diff --git a/deltacloud_recipe/files/deltacloud-core
b/deltacloud_recipe/files/deltacloud-core
deleted file mode 100755
index 3eb0afa..0000000
--- a/deltacloud_recipe/files/deltacloud-core
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/bin/bash
-#
-#
-# deltacloud-core startup script for deltacloud-core server
-#
-# chkconfig: - 97 03
-# description: deltacloud-core is primary server process for the \
-# Deltacloud Core component.
-#
-
-[ -r /etc/sysconfig/deltacloud-core ] && . /etc/sysconfig/deltacloud-core
-
-ENV="${ENV:-production}"
-DRIVER="${DRIVER:-ec2}"
-PORT="${PORT:-3002}"
-LOCKFILE="${LOCKFILE:-/var/lock/subsys/deltacloud-core }"
-LOGFILE="${LOGFILE:-/var/log/deltacloud-core/$DRIVER.log}"
-
-PROG=/usr/bin/deltacloudd
-
-. /etc/init.d/functions
-
-start() {
- echo -n "Starting deltacloud-core: "
-
- $PROG -i $DRIVER -e $ENV -p $PORT >> $LOGFILE 2>&1 &
- RETVAL=$?
- if [ $RETVAL -eq 0 ] && touch $LOCKFILE ; then
- echo_success
- echo
- else
- echo_failure
- echo
- fi
-}
-
-stop() {
- echo -n "Shutting down deltacloud-core: "
- RETVAL=$?
- killall deltacloudd
- if [ $RETVAL -eq 0 ] && rm -f $LOCKFILE ; then
- echo_success
- echo
- else
- echo_failure
- echo
- fi
-}
-
-case "$1" in
- start)
- start
- ;;
- stop)
- stop
- ;;
- restart)
- stop
- start
- ;;
- reload)
- ;;
- force-reload)
- restart
- ;;
- status)
- status $PROG
- RETVAL=$?
- ;;
- *)
- echo "Usage: deltacloud-core {start|stop|restart|status}"
- exit 1
- ;;
-esac
-
-exit $RETVAL
diff --git a/deltacloud_recipe/files/imagefactory.yml
b/deltacloud_recipe/files/imagefactory.yml
deleted file mode 100644
index 7f3abe7..0000000
--- a/deltacloud_recipe/files/imagefactory.yml
+++ /dev/null
@@ -1,12 +0,0 @@
-bg_command: /usr/bin/boxgrinder-build
-bg_working_dir: /boxgrinder/appliances
-bg_local_delivery: /boxgrinder/packaged_builds
-warehouse_active: true # if false Factory will not attempt any warehouse actions at all
-warehouse_host: localhost
-warehouse_port: 9090
-warehouse_bucket: templates
-# Which entity should actually bundle and upload the EC2 AMI
-ami_delivery: boxgrinder # Valid values are boxgrinder or warehouse
-ami_s3_bucket: deltacloud # S3 bucket to use when uploading bundle
-# Note that directory must exist
-mock_dir: /var/tmp/clalance-mock # Directory to use when building mock target
diff --git a/deltacloud_recipe/files/iwhd-conf.js b/deltacloud_recipe/files/iwhd-conf.js
deleted file mode 100644
index 44516e0..0000000
--- a/deltacloud_recipe/files/iwhd-conf.js
+++ /dev/null
@@ -1,7 +0,0 @@
-[
- {
- "name": "primary",
- "type": "fs",
- "path": "."
- }
-]
diff --git a/deltacloud_recipe/files/iwhd.init b/deltacloud_recipe/files/iwhd.init
deleted file mode 100755
index e5745e9..0000000
--- a/deltacloud_recipe/files/iwhd.init
+++ /dev/null
@@ -1,73 +0,0 @@
-#!/bin/bash
-#
-#
-# iwhd startup script for iwhd server
-#
-# chkconfig: - 97 03
-# description: iwhd is primary server process for the \
-# IWHD component.
-#
-
-[ -r /etc/sysconfig/iwhd ] && . /etc/sysconfig/iwhd
-
-LOCKFILE="${LOCKFILE:-/var/lock/subsys/iwhd }"
-
-PROG=/usr/sbin/iwhd
-CONF=/etc/iwhd/conf.js
-
-. /etc/init.d/functions
-
-start() {
- echo -n "Starting iwhd: "
-
- $PROG -c $CONF&
- RETVAL=$?
- if [ $RETVAL -eq 0 ] && touch $LOCKFILE ; then
- echo_success
- echo
- else
- echo_failure
- echo
- fi
-}
-
-stop() {
- echo -n "Shutting down iwhd: "
- RETVAL=$?
- killall iwhd
- if [ $RETVAL -eq 0 ] && rm -f $LOCKFILE ; then
- echo_success
- echo
- else
- echo_failure
- echo
- fi
-}
-
-case "$1" in
- start)
- start
- ;;
- stop)
- stop
- ;;
- restart)
- stop
- start
- ;;
- reload)
- ;;
- force-reload)
- restart
- ;;
- status)
- status $PROG
- RETVAL=$?
- ;;
- *)
- echo "Usage: iwhd {start|stop|restart|status}"
- exit 1
- ;;
-esac
-
-exit $RETVAL
diff --git a/deltacloud_recipe/files/pg_hba.conf b/deltacloud_recipe/files/pg_hba.conf
deleted file mode 100644
index 70d83bb..0000000
--- a/deltacloud_recipe/files/pg_hba.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-local all all trust
-host all all 127.0.0.1 255.255.255.255 trust
diff --git a/deltacloud_recipe/files/qpidd.conf b/deltacloud_recipe/files/qpidd.conf
deleted file mode 100644
index da050c0..0000000
--- a/deltacloud_recipe/files/qpidd.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-# Configuration file for qpidd. Entries are of the form:
-# name=value
-#
-# (Note: no spaces on either side of '='). Using default settings:
-# "qpidd --help" or "man qpidd" for more details.
-cluster-mechanism=ANONYMOUS
-auth=no
diff --git a/deltacloud_recipe/files/root-boxgrinder-plugins-local
b/deltacloud_recipe/files/root-boxgrinder-plugins-local
deleted file mode 100644
index 32ada19..0000000
--- a/deltacloud_recipe/files/root-boxgrinder-plugins-local
+++ /dev/null
@@ -1,3 +0,0 @@
-path: /boxgrinder/packaged_builds
-overwrite: false
-package: false
diff --git a/deltacloud_recipe/manifests/deltacloud.pp
b/deltacloud_recipe/manifests/deltacloud.pp
deleted file mode 100644
index 0924075..0000000
--- a/deltacloud_recipe/manifests/deltacloud.pp
+++ /dev/null
@@ -1,382 +0,0 @@
-# Deltacloud puppet definitions
-
-import "firewall"
-
-import "postgres"
-import "rails"
-import "selinux"
-import "time"
-
-# Setup repos which to pull deltacloud components
-define dc::repos(){
- yumrepo{"${name}_arch":
- name => "${name}_arch",
- baseurl =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-$releasever/$basearch',
- enabled => 1, gpgcheck => 0}
- yumrepo{"${name}_noarch":
- name => "${name}_noarch",
- baseurl =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-$releasever/noarch',
- enabled => 1, gpgcheck => 0}
- yumrepo{"${name}_pulp":
- name => "${name}_pulp",
- baseurl =>
'http://repos.fedorapeople.org/repos/pulp/pulp/fedora-13/$basearch/',
- enabled => 1, gpgcheck => 0}
-}
-
-# Install the deltacloud components
-define dc::package::install(){
- case $name {
- 'aggregator': {
- # specific versions of these two packages are needed and we need to pull the third
in
- package { 'python-imgcreate':
- provider => 'rpm', ensure => installed,
- source =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/x86_64/python-imgcreate-031-1.fc12.1.x86_64.rpm'}
- package { 'livecd-tools':
- provider => 'rpm', ensure => installed,
- source =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/x86_64/livecd-tools-031-1.fc12.1.x86_64.rpm',
- require => Package['python-imgcreate']}
- package { 'appliance-tools':
- provider => 'yum', ensure => installed,
- require => Package["livecd-tools",
"python-imgcreate"] }
-
- # TODO: Fix me, find a better way to do this...
- # We need to also install this rpm from amazon
- package{"ec2-ami-tools":
- provider => "rpm",
- source =>
"http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.noarch.rpm",
- ensure => 'installed' }
-
- package { 'rubygem-deltacloud-client':
- provider => 'yum', ensure => 'installed' }
- package { 'rubygem-deltacloud-image-builder-agent':
- provider => 'yum', ensure => 'installed',
- require => Package['appliance-tools',
'livecd-tools', 'python-imgcreate', 'ec2-ami-tools']}
- package { 'iwhd':
- provider => 'yum', ensure => 'installed' }
-
-
- package {['deltacloud-aggregator',
- 'deltacloud-aggregator-daemons',
- 'deltacloud-aggregator-doc']:
- provider => 'yum', ensure => 'installed',
- require => Package['rubygem-deltacloud-client',
- 'rubygem-deltacloud-image-builder-agent',
- 'iwhd']}
- }
-
- 'core': {
- package { 'rubygem-deltacloud-core':
- provider => 'yum', ensure => 'installed'}
- file { "/var/log/deltacloud-core": ensure => 'directory' }
- }
- }
-}
-
-# Uninstall the deltacloud components
-define dc::package::uninstall(){
- case $name {
- 'aggregator': {
- package {['deltacloud-aggregator-daemons',
- 'deltacloud-aggregator-doc']:
- provider => 'yum', ensure => 'absent',
- require => Service['deltacloud-aggregator',
- 'deltacloud-condor_refreshd',
- 'deltacloud-dbomatic',
- 'imagefactoryd',
- 'deltacloud-image_builder_service']}
-
- package {'deltacloud-aggregator':
- provider => 'yum', ensure => 'absent',
- require => Package['deltacloud-aggregator-daemons',
- 'deltacloud-aggregator-doc'] }
- package { 'rubygem-deltacloud-client':
- provider => 'yum', ensure => 'absent',
- require => Package['deltacloud-aggregator']}
- package { 'rubygem-deltacloud-image-builder-agent':
- provider => 'yum', ensure => 'absent',
- require => Package['deltacloud-aggregator']}
- package { 'iwhd':
- provider => 'yum', ensure => 'absent',
- require => [Package['deltacloud-aggregator'],
Service['iwhd']]}
-
- # FIXME these lingering dependencies, pulled in for
- # rubygem-deltacloud-image-builder-agent, need to be removed as
- # ec2-ami-tools and appliance-tools depend on them and using
- # 'absent' in the context of the 'yum' provider dispatches
- # to 'rpm -e' instead of 'yum erase'
- package { ['rubygem-boxgrinder-build-ec2-platform-plugin',
- 'rubygem-boxgrinder-build-centos-os-plugin',
- 'rubygem-boxgrinder-build-fedora-os-plugin']:
- provider => "yum", ensure => 'absent',
- require =>
Package['rubygem-deltacloud-image-builder-agent']}
- package { 'rubygem-boxgrinder-build-rhel-os-plugin':
- provider => "yum", ensure => 'absent',
- require =>
Package['rubygem-boxgrinder-build-centos-os-plugin']}
- package { 'rubygem-boxgrinder-build-rpm-based-os-plugin':
- provider => "yum", ensure => 'absent',
- require =>
Package['rubygem-boxgrinder-build-rhel-os-plugin',
-
'rubygem-boxgrinder-build-fedora-os-plugin']}
-
- package { 'ec2-ami-tools':
- provider => "yum", ensure => 'absent',
- require =>
Package['rubygem-boxgrinder-build-ec2-platform-plugin']}
- package { 'appliance-tools':
- provider => 'yum', ensure => 'absent',
- require =>
Package['rubygem-boxgrinder-build-rpm-based-os-plugin']}
- package { 'livecd-tools':
- provider => 'yum', ensure => 'absent',
- require => Package['appliance-tools']}
- package { 'python-imgcreate':
- provider => 'yum', ensure => 'absent',
- require => Package['appliance-tools',
'livecd-tools']}
-
- }
-
- 'core': {
- package { 'rubygem-deltacloud-core':
- provider => 'yum', ensure => 'absent',
- require => Service['deltacloud-core']}
- }
- }
-}
-
-# Setup selinux for deltacloud
-define dc::selinux(){
- selinux::mode{"permissive":}
-}
-
-# Setup firewall for deltacloud
-define dc::firewall(){
- firewall::setup{'deltacloud': status=>"enabled"}
- firewall_open_port{"httpd": port => "80", policy =>
"tcp"}
-}
-
-# TODO disable selinux until we're sure everything works w/ it enabled
-
-# Start the deltacloud services
-define dc::service::start(){
- case $name {
- 'aggregator': {
- file {"/var/lib/condor/condor_config.local":
- source => "puppet:///deltacloud_recipe/condor_config.local",
- require => Package['deltacloud-aggregator-daemons'] }
- service { ['condor', 'httpd']:
- ensure => 'running',
- enable => true,
- require => File['/var/lib/condor/condor_config.local'] }
- service { ['deltacloud-aggregator',
- 'deltacloud-condor_refreshd',
- 'deltacloud-dbomatic']:
- ensure => 'running',
- enable => true,
- hasstatus => true,
- require => [Package['deltacloud-aggregator-daemons'],
- Rails::Migrate::Db[migrate_deltacloud_database],
- Service[condor]] }
- }
-
- 'core': {
- time::sync{"deltacloud":} # we need to sync time to communicate w/ cloud
providers
- file {"/etc/init.d/deltacloud-core":
- source => "puppet:///deltacloud_recipe/deltacloud-core",
- mode => 755 }
- service { 'deltacloud-core':
- ensure => 'running',
- enable => true,
- require => [Package['rubygem-deltacloud-core'],
- File['/etc/init.d/deltacloud-core']] }
- }
-
- 'iwhd': {
- file { "/data": ensure => 'directory' }
- file { "/data/db": ensure => 'directory' }
- service { 'mongod':
- ensure => 'running',
- enable => true,
- require => [Package['iwhd'], File["/data/db"]]}
- service { 'iwhd':
- ensure => 'running',
- enable => true,
- require => [Package['iwhd'],
- Service[mongod]]}
- }
-
- 'image-factory': {
- dc::configure_boxgrinder{'conf_bxg':}
- file { "/etc/qpidd.conf":
- source => "puppet:///deltacloud_recipe/qpidd.conf",
- mode => 644 }
- service {'qpidd':
- ensure => 'running',
- enable => true,
- require => [File['/etc/qpidd.conf'],
- Package['deltacloud-aggregator-daemons']]}
- file { "/etc/imagefactory.yml":
- source => "puppet:///deltacloud_recipe/imagefactory.yml",
- mode => 644 }
- $requires = [Package['rubygem-deltacloud-image-builder-agent'],
- Package['deltacloud-aggregator-daemons'],
- File['/etc/imagefactory.yml'],
- Service[qpidd],
- Rails::Migrate::Db[migrate_deltacloud_database],
- Dc::Configure_boxgrinder['conf_bxg']]
- service { 'imagefactoryd':
- ensure => 'running',
- enable => true,
- require => $requires}
- service { 'deltacloud-image_builder_service':
- ensure => 'running',
- enable => true,
- hasstatus => true,
- require => $requires}
- }
- }
-}
-
-# Stop the deltacloud services
-define dc::service::stop(){
- case $name {
- 'aggregator': {
- service { ['condor', 'httpd']:
- ensure => 'stopped',
- enable => false,
- require => Service['deltacloud-aggregator',
- 'deltacloud-condor_refreshd',
- 'deltacloud-dbomatic'] }
- service { ['deltacloud-aggregator',
- 'deltacloud-condor_refreshd',
- 'deltacloud-dbomatic']:
- ensure => 'stopped',
- enable => false,
- hasstatus => true }
- }
-
- 'core': {
- service { 'deltacloud-core':
- ensure => 'stopped',
- enable => false}
- }
-
- 'iwhd': {
- service { 'mongod':
- ensure => 'stopped',
- enable => false,
- require => Service[iwhd]}
- service { 'iwhd':
- ensure => 'stopped',
- enable => false}
- }
-
- 'image-factory': {
- service {'qpidd':
- ensure => 'stopped',
- enable => false,
- require => Service['imagefactoryd',
'deltacloud-image_builder_service']}
-
- service { 'imagefactoryd':
- ensure => 'stopped',
- enable => false}
-
- service { 'deltacloud-image_builder_service':
- ensure => 'stopped',
- hasstatus => true,
- enable => false}
- }
- }
-}
-
-# Configure boxgrinder, this should go into the boxgrinder rpms eventually
-define dc::configure_boxgrinder(){
- file { "/boxgrinder": ensure => "directory"}
- file { "/boxgrinder/appliances":
- ensure => "directory",
- require => File["/boxgrinder"]}
- file { "/boxgrinder/packaged_builders":
- ensure => "directory",
- require => File["/boxgrinder"]}
- file { "/root/.boxgrinder": ensure => "directory"}
- file { "/root/.boxgrinder/plugins":
- ensure => "directory",
- require => File["/root/.boxgrinder"]}
- file { "/root/.boxgrinder/plugins/local":
- source =>
"puppet:///deltacloud_recipe/root-boxgrinder-plugins-local",
- mode => 644 }
-}
-
-# Configure pulp to fetch from Fedora
-# TODO uncomment when factory/warehouse uses pulp
-#exec{"pulp_fedora_config":
-# command => "/usr/bin/pulp-admin -u admin -p admin repo create
--id=fedora-repo --feed
yum:http://download.fedora.redhat.com/pub/fedora/linux/updates/13/x86_64/...
-#}
-
-# Create a named bucket in iwhd
-define dc::create_bucket(){
- package{'curl': ensure => 'installed'}
- # XXX ugly hack but iwhd might take some time to come up
- exec{"iwhd_startup_pause":
- command => "/bin/sleep 2",
- require => Service[iwhd]}
- exec{"create-bucket-${name}":
- command => "/usr/bin/curl -X PUT http://localhost:9090/templates";,
- require => [Exec['iwhd_startup_pause'], Package[curl]] }
-}
-
-# Initialize and start the deltacloud database
-define dc::db(){
- # Right now we configure and start postgres, at some point I want
- # to make the db that gets setup configurable
- file { "/var/lib/pgsql/data/pg_hba.conf":
- source => "puppet:///deltacloud_recipe/pg_hba.conf",
- require => Postgres::Initialize[init_db] }
- postgres::initialize{'init_db':}
- postgres::start{'start_db': require =>
File["/var/lib/pgsql/data/pg_hba.conf"]}
- postgres::user{"dcloud":
- password => "v23zj59an",
- roles => "CREATEDB",
- require => Postgres::Start[start_db]}
-
-
- # Create deltacloud database
- rails::create::db{"create_deltacloud_database":
- cwd => "/usr/share/deltacloud-aggregator",
- rails_env => "production",
- require => [Postgres::User[dcloud],
Package['deltacloud-aggregator']]}
- rails::migrate::db{"migrate_deltacloud_database":
- cwd => "/usr/share/deltacloud-aggregator",
- rails_env => "production",
- require => Rails::Create::Db[create_deltacloud_database]}
-}
-
-# Destroy the deltacloud database
-define dc::db::destroy(){
- rails::drop::db{"drop_deltacloud_database":
- cwd => "/usr/share/deltacloud-aggregator",
- rails_env => "production",
- require => Service["deltacloud-aggregator",
- "deltacloud-condor_refreshd",
- "deltacloud-dbomatic",
- "deltacloud-image_builder_service"]}
- postgres::user::remove{"dcloud": require =>
Rails::Drop::Db["drop_deltacloud_database"]}
-}
-
-# Create a new site admin aggregator web user
-define dc::site_admin($email="", $password="",
$first_name="", $last_name=""){
- exec{"create_site_admin_user":
- cwd => '/usr/share/deltacloud-aggregator',
- environment => "RAILS_ENV=production",
- command => "/usr/bin/rake dc:create_user[${name}] email=${email}
password=${password} first_name=${first_name} last_name=${last_name}",
- unless => "/usr/bin/test `psql dcloud dcloud -P tuples_only -c
\"select count(*) from users where login = '${name}';\"` =
\"1\"",
- require => Rails::Migrate::Db["migrate_deltacloud_database"]}
- exec{"grant_site_admin_privs":
- cwd => '/usr/share/deltacloud-aggregator',
- environment => "RAILS_ENV=production",
- command => "/usr/bin/rake dc:site_admin[${name}]",
- unless => "/usr/bin/test `psql dcloud dcloud -P tuples_only -c
\"select count(*) FROM roles INNER JOIN permissions ON (roles.id =
permissions.role_id) INNER JOIN users ON (permissions.user_id = users.id) where roles.name
= 'Administrator' AND users.login = '${name}';\"` =
\"1\"",
- require => Exec[create_site_admin_user]}
-}
-
-# Destroy and cleanup deltacloud artifacts
-define dc::cleanup(){
- exec{"remove_deltacloud_templates": command => "/bin/rm -rf
/templates"}
- exec{"remove_boxgrinder_dir": command => "/bin/rm -rf
/boxgrinder"}
-}
diff --git a/deltacloud_recipe/manifests/postgres.pp
b/deltacloud_recipe/manifests/postgres.pp
deleted file mode 100644
index 6a639b4..0000000
--- a/deltacloud_recipe/manifests/postgres.pp
+++ /dev/null
@@ -1,38 +0,0 @@
-# Some convenience routines for postgres
-
-package { ["postgresql", "postgresql-server"]:
- ensure => "installed", provider => "yum" }
-
-define postgres::initialize(){
- exec{"initialize_postgres":
- command => "/sbin/service postgresql initdb",
- unless => "/usr/bin/test -d /var/lib/pgsql/data/pg_log",
- require => Package["postgresql-server"]}
-}
-
-define postgres::start{
- service {"postgresql" :
- ensure => running,
- enable => true,
- require => Exec['initialize_postgres']}
- # XXX ugly hack, postgres takes sometime to startup even though reporting as running
- # need to pause for a bit to ensure it is running before we try to access the db
- exec{"postgresql_startup_pause":
- command => "/bin/sleep 2",
- require => Service[postgresql]
- }
-}
-
-define postgres::user($password="", $roles=""){
- exec{"create_dcloud_postgres_user":
- unless => "/usr/bin/test `psql postgres postgres -P tuples_only -c
\"select count(*) from pg_user where usename='${name}';\"` =
\"1\"",
- command => "/usr/bin/psql postgres postgres -c \
- \"CREATE USER ${name} WITH PASSWORD '${password}'
${roles}\""}
-}
-
-define postgres::user::remove($password="", $roles=""){
- exec{"remove_dcloud_postgres_user":
- onlyif => "/usr/bin/test `psql postgres postgres -P tuples_only -c
\"select count(*) from pg_user where usename='${name}';\"` =
\"1\"",
- command => "/usr/bin/psql postgres postgres -c \
- \"DROP USER ${name}\""}
-}
diff --git a/deltacloud_recipe/manifests/rails.pp b/deltacloud_recipe/manifests/rails.pp
deleted file mode 100644
index 438a209..0000000
--- a/deltacloud_recipe/manifests/rails.pp
+++ /dev/null
@@ -1,24 +0,0 @@
-# Some convenience routines for rails
-
-define rails::create::db($cwd="", $rails_env=""){
- exec{"create_rails_database":
- cwd => $cwd,
- environment => "RAILS_ENV=${rails_env}",
- command => "/usr/bin/rake db:create:all"}
-
-}
-
-define rails::migrate::db($cwd="", $rails_env=""){
- exec{"migrate_rails_database":
- cwd => $cwd,
- environment => "RAILS_ENV=${rails_env}",
- command => "/usr/bin/rake db:migrate"}
-}
-
-define rails::drop::db($cwd="", $rails_env=""){
- exec{"drop_rails_database":
- cwd => $cwd,
- onlyif => "/usr/bin/test -f ${cwd}/Rakefile",
- environment => "RAILS_ENV=${rails_env}",
- command => "/usr/bin/rake db:drop:all"}
-}
diff --git a/deltacloud_recipe/manifests/selinux.pp
b/deltacloud_recipe/manifests/selinux.pp
deleted file mode 100644
index 05a3174..0000000
--- a/deltacloud_recipe/manifests/selinux.pp
+++ /dev/null
@@ -1,11 +0,0 @@
-# Some convenience routines for selinux
-
-define selinux::mode(){
- $mode = $name ? {
- 'permissive' => '0',
- 'enforcing' => '1'
- }
- exec{"set_selinux_${name}":
- command => "/usr/sbin/setenforce ${mode}"
- }
-}
diff --git a/deltacloud_recipe/manifests/time.pp b/deltacloud_recipe/manifests/time.pp
deleted file mode 100644
index c3db854..0000000
--- a/deltacloud_recipe/manifests/time.pp
+++ /dev/null
@@ -1,8 +0,0 @@
-# Some convenience routines for system time manipulation
-
-# Sync system time via ntp
-define time::sync(){
- exec{"sync_time":
- command => "/usr/sbin/ntpdate pool.ntp.org"
- }
-}
diff --git a/recipes/deltacloud_recipe/deltacloud_recipe.pp
b/recipes/deltacloud_recipe/deltacloud_recipe.pp
new file mode 100644
index 0000000..d7e8765
--- /dev/null
+++ b/recipes/deltacloud_recipe/deltacloud_recipe.pp
@@ -0,0 +1,55 @@
+#--
+# Copyright (C) 2010 Red Hat Inc.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Author: Mohammed Morsi <mmorsi(a)redhat.com>
+#--
+
+#
+# deltacloud installation recipe
+#
+
+# Modules used by the recipe
+import "deltacloud_recipe/deltacloud"
+
+# setup the deltacloud repositories
+dc::repos{"deltacloud":}
+
+# install deltacloud components
+dc::package::install{["aggregator", "core"]:
+ require => Dc::Repos["deltacloud"]}
+
+# setup selinux
+dc::selinux{'deltacloud':}
+
+# setup the firewall
+dc::firewall{'deltacloud':}
+
+# setup deltacloud db
+dc::db{"postgres":}
+
+# start deltacloud services
+dc::service::start{["aggregator", "core", 'iwhd',
'image-factory']:}
+
+# create bucket in image warehouse
+dc::create_bucket{"deltacloud":}
+
+# Create dcuser aggregator web user
+dc::site_admin{"admin":
+ email => 'dcuser(a)deltacloud.org',
+ password => 'password',
+ first_name => 'deltacloud',
+ last_name => 'user'}
diff --git a/recipes/deltacloud_recipe/deltacloud_stop_services.pp
b/recipes/deltacloud_recipe/deltacloud_stop_services.pp
new file mode 100644
index 0000000..71cb1bf
--- /dev/null
+++ b/recipes/deltacloud_recipe/deltacloud_stop_services.pp
@@ -0,0 +1,32 @@
+#--
+# Copyright (C) 2010 Red Hat Inc.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Author: Mohammed Morsi <mmorsi(a)redhat.com>
+#--
+
+#
+# deltacloud uninstallation recipe
+#
+
+# Modules used by the recipe
+import "deltacloud_recipe/deltacloud"
+
+$services = ["aggregator", "core", 'iwhd',
'image-factory']
+
+# stop deltacloud services
+dc::service{$services:
+ ensure => 'stopped', enable => false}
diff --git a/recipes/deltacloud_recipe/deltacloud_uninstall.pp
b/recipes/deltacloud_recipe/deltacloud_uninstall.pp
new file mode 100644
index 0000000..b39d423
--- /dev/null
+++ b/recipes/deltacloud_recipe/deltacloud_uninstall.pp
@@ -0,0 +1,41 @@
+#--
+# Copyright (C) 2010 Red Hat Inc.
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Author: Mohammed Morsi <mmorsi(a)redhat.com>
+#--
+
+#
+# deltacloud uninstallation recipe
+#
+
+# Modules used by the recipe
+import "deltacloud_recipe/deltacloud"
+
+$packages = ["aggregator", "core"]
+
+# stop deltacloud services
+dc::service::stop{["aggregator", "core", 'iwhd',
'image-factory']:}
+
+# destroy deltacloud db
+dc::db::destroy{"postgres":
+ require => Dc::Service::Stop['aggregator']}
+
+# install deltacloud components
+dc::package::uninstall{$packages:
+ require => Dc::Db::Destroy['postgres']}
+
+dc::cleanup{"deltacloud": require => Dc::Package::Uninstall[$packages]}
diff --git a/recipes/deltacloud_recipe/files/condor_config.local
b/recipes/deltacloud_recipe/files/condor_config.local
new file mode 100644
index 0000000..d9d50c5
--- /dev/null
+++ b/recipes/deltacloud_recipe/files/condor_config.local
@@ -0,0 +1,26 @@
+CONDOR_HOST = $(FULL_HOSTNAME)
+ALLOW_WRITE = *
+
+DAEMON_LIST = MASTER, SCHEDD, COLLECTOR, NEGOTIATOR, STARTD
+
+MAX_GRIDMANAGER_LOG = 500000000
+GRIDMANAGER_JOB_PROBE_INTERVAL = 30
+
+GRIDMANAGER_DEBUG = D_FULLDEBUG
+NEGOTIATOR_DEBUG = D_FULLDEBUG
+COLLECTOR_DEBUG = D_FULLDEBUG
+
+DCLOUD_GAHP = $(SBIN)/dcloud_gahp
+
+CLASSAD_LIFETIME = 0
+
+# for re-advertising classads (i.e. condor_refreshd)
+CONDOR_DEVELOPERS_COLLECTOR = localhost:7890
+COLLECTOR_UPDATE_INTERVAL = 900
+
+# for the event log parsing (i.e. dbomatic)
+EVENT_LOG=$(LOG)/EventLog
+EVENT_LOG_USE_XML=True
+EVENT_LOG_JOB_AD_INFORMATION_ATTRS=Owner,GlobalJobId,Cmd,JobStartDate,JobCurrentStartDate,JobFinishedHookDone
+
+CLASSAD_USER_LIBS =
/usr/share/deltacloud-aggregator/classad_plugin/deltacloud_classad_plugin.so
diff --git a/recipes/deltacloud_recipe/files/deltacloud-core
b/recipes/deltacloud_recipe/files/deltacloud-core
new file mode 100755
index 0000000..3eb0afa
--- /dev/null
+++ b/recipes/deltacloud_recipe/files/deltacloud-core
@@ -0,0 +1,76 @@
+#!/bin/bash
+#
+#
+# deltacloud-core startup script for deltacloud-core server
+#
+# chkconfig: - 97 03
+# description: deltacloud-core is primary server process for the \
+# Deltacloud Core component.
+#
+
+[ -r /etc/sysconfig/deltacloud-core ] && . /etc/sysconfig/deltacloud-core
+
+ENV="${ENV:-production}"
+DRIVER="${DRIVER:-ec2}"
+PORT="${PORT:-3002}"
+LOCKFILE="${LOCKFILE:-/var/lock/subsys/deltacloud-core }"
+LOGFILE="${LOGFILE:-/var/log/deltacloud-core/$DRIVER.log}"
+
+PROG=/usr/bin/deltacloudd
+
+. /etc/init.d/functions
+
+start() {
+ echo -n "Starting deltacloud-core: "
+
+ $PROG -i $DRIVER -e $ENV -p $PORT >> $LOGFILE 2>&1 &
+ RETVAL=$?
+ if [ $RETVAL -eq 0 ] && touch $LOCKFILE ; then
+ echo_success
+ echo
+ else
+ echo_failure
+ echo
+ fi
+}
+
+stop() {
+ echo -n "Shutting down deltacloud-core: "
+ RETVAL=$?
+ killall deltacloudd
+ if [ $RETVAL -eq 0 ] && rm -f $LOCKFILE ; then
+ echo_success
+ echo
+ else
+ echo_failure
+ echo
+ fi
+}
+
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ restart)
+ stop
+ start
+ ;;
+ reload)
+ ;;
+ force-reload)
+ restart
+ ;;
+ status)
+ status $PROG
+ RETVAL=$?
+ ;;
+ *)
+ echo "Usage: deltacloud-core {start|stop|restart|status}"
+ exit 1
+ ;;
+esac
+
+exit $RETVAL
diff --git a/recipes/deltacloud_recipe/files/imagefactory.yml
b/recipes/deltacloud_recipe/files/imagefactory.yml
new file mode 100644
index 0000000..7f3abe7
--- /dev/null
+++ b/recipes/deltacloud_recipe/files/imagefactory.yml
@@ -0,0 +1,12 @@
+bg_command: /usr/bin/boxgrinder-build
+bg_working_dir: /boxgrinder/appliances
+bg_local_delivery: /boxgrinder/packaged_builds
+warehouse_active: true # if false Factory will not attempt any warehouse actions at all
+warehouse_host: localhost
+warehouse_port: 9090
+warehouse_bucket: templates
+# Which entity should actually bundle and upload the EC2 AMI
+ami_delivery: boxgrinder # Valid values are boxgrinder or warehouse
+ami_s3_bucket: deltacloud # S3 bucket to use when uploading bundle
+# Note that directory must exist
+mock_dir: /var/tmp/clalance-mock # Directory to use when building mock target
diff --git a/recipes/deltacloud_recipe/files/iwhd-conf.js
b/recipes/deltacloud_recipe/files/iwhd-conf.js
new file mode 100644
index 0000000..44516e0
--- /dev/null
+++ b/recipes/deltacloud_recipe/files/iwhd-conf.js
@@ -0,0 +1,7 @@
+[
+ {
+ "name": "primary",
+ "type": "fs",
+ "path": "."
+ }
+]
diff --git a/recipes/deltacloud_recipe/files/iwhd.init
b/recipes/deltacloud_recipe/files/iwhd.init
new file mode 100755
index 0000000..e5745e9
--- /dev/null
+++ b/recipes/deltacloud_recipe/files/iwhd.init
@@ -0,0 +1,73 @@
+#!/bin/bash
+#
+#
+# iwhd startup script for iwhd server
+#
+# chkconfig: - 97 03
+# description: iwhd is primary server process for the \
+# IWHD component.
+#
+
+[ -r /etc/sysconfig/iwhd ] && . /etc/sysconfig/iwhd
+
+LOCKFILE="${LOCKFILE:-/var/lock/subsys/iwhd }"
+
+PROG=/usr/sbin/iwhd
+CONF=/etc/iwhd/conf.js
+
+. /etc/init.d/functions
+
+start() {
+ echo -n "Starting iwhd: "
+
+ $PROG -c $CONF&
+ RETVAL=$?
+ if [ $RETVAL -eq 0 ] && touch $LOCKFILE ; then
+ echo_success
+ echo
+ else
+ echo_failure
+ echo
+ fi
+}
+
+stop() {
+ echo -n "Shutting down iwhd: "
+ RETVAL=$?
+ killall iwhd
+ if [ $RETVAL -eq 0 ] && rm -f $LOCKFILE ; then
+ echo_success
+ echo
+ else
+ echo_failure
+ echo
+ fi
+}
+
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ restart)
+ stop
+ start
+ ;;
+ reload)
+ ;;
+ force-reload)
+ restart
+ ;;
+ status)
+ status $PROG
+ RETVAL=$?
+ ;;
+ *)
+ echo "Usage: iwhd {start|stop|restart|status}"
+ exit 1
+ ;;
+esac
+
+exit $RETVAL
diff --git a/recipes/deltacloud_recipe/files/pg_hba.conf
b/recipes/deltacloud_recipe/files/pg_hba.conf
new file mode 100644
index 0000000..70d83bb
--- /dev/null
+++ b/recipes/deltacloud_recipe/files/pg_hba.conf
@@ -0,0 +1,2 @@
+local all all trust
+host all all 127.0.0.1 255.255.255.255 trust
diff --git a/recipes/deltacloud_recipe/files/qpidd.conf
b/recipes/deltacloud_recipe/files/qpidd.conf
new file mode 100644
index 0000000..da050c0
--- /dev/null
+++ b/recipes/deltacloud_recipe/files/qpidd.conf
@@ -0,0 +1,25 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# Configuration file for qpidd. Entries are of the form:
+# name=value
+#
+# (Note: no spaces on either side of '='). Using default settings:
+# "qpidd --help" or "man qpidd" for more details.
+cluster-mechanism=ANONYMOUS
+auth=no
diff --git a/recipes/deltacloud_recipe/files/root-boxgrinder-plugins-local
b/recipes/deltacloud_recipe/files/root-boxgrinder-plugins-local
new file mode 100644
index 0000000..32ada19
--- /dev/null
+++ b/recipes/deltacloud_recipe/files/root-boxgrinder-plugins-local
@@ -0,0 +1,3 @@
+path: /boxgrinder/packaged_builds
+overwrite: false
+package: false
diff --git a/recipes/deltacloud_recipe/manifests/deltacloud.pp
b/recipes/deltacloud_recipe/manifests/deltacloud.pp
new file mode 100644
index 0000000..0924075
--- /dev/null
+++ b/recipes/deltacloud_recipe/manifests/deltacloud.pp
@@ -0,0 +1,382 @@
+# Deltacloud puppet definitions
+
+import "firewall"
+
+import "postgres"
+import "rails"
+import "selinux"
+import "time"
+
+# Setup repos which to pull deltacloud components
+define dc::repos(){
+ yumrepo{"${name}_arch":
+ name => "${name}_arch",
+ baseurl =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-$releasever/$basearch',
+ enabled => 1, gpgcheck => 0}
+ yumrepo{"${name}_noarch":
+ name => "${name}_noarch",
+ baseurl =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-$releasever/noarch',
+ enabled => 1, gpgcheck => 0}
+ yumrepo{"${name}_pulp":
+ name => "${name}_pulp",
+ baseurl =>
'http://repos.fedorapeople.org/repos/pulp/pulp/fedora-13/$basearch/',
+ enabled => 1, gpgcheck => 0}
+}
+
+# Install the deltacloud components
+define dc::package::install(){
+ case $name {
+ 'aggregator': {
+ # specific versions of these two packages are needed and we need to pull the third
in
+ package { 'python-imgcreate':
+ provider => 'rpm', ensure => installed,
+ source =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/x86_64/python-imgcreate-031-1.fc12.1.x86_64.rpm'}
+ package { 'livecd-tools':
+ provider => 'rpm', ensure => installed,
+ source =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/x86_64/livecd-tools-031-1.fc12.1.x86_64.rpm',
+ require => Package['python-imgcreate']}
+ package { 'appliance-tools':
+ provider => 'yum', ensure => installed,
+ require => Package["livecd-tools",
"python-imgcreate"] }
+
+ # TODO: Fix me, find a better way to do this...
+ # We need to also install this rpm from amazon
+ package{"ec2-ami-tools":
+ provider => "rpm",
+ source =>
"http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.noarch.rpm",
+ ensure => 'installed' }
+
+ package { 'rubygem-deltacloud-client':
+ provider => 'yum', ensure => 'installed' }
+ package { 'rubygem-deltacloud-image-builder-agent':
+ provider => 'yum', ensure => 'installed',
+ require => Package['appliance-tools',
'livecd-tools', 'python-imgcreate', 'ec2-ami-tools']}
+ package { 'iwhd':
+ provider => 'yum', ensure => 'installed' }
+
+
+ package {['deltacloud-aggregator',
+ 'deltacloud-aggregator-daemons',
+ 'deltacloud-aggregator-doc']:
+ provider => 'yum', ensure => 'installed',
+ require => Package['rubygem-deltacloud-client',
+ 'rubygem-deltacloud-image-builder-agent',
+ 'iwhd']}
+ }
+
+ 'core': {
+ package { 'rubygem-deltacloud-core':
+ provider => 'yum', ensure => 'installed'}
+ file { "/var/log/deltacloud-core": ensure => 'directory' }
+ }
+ }
+}
+
+# Uninstall the deltacloud components
+define dc::package::uninstall(){
+ case $name {
+ 'aggregator': {
+ package {['deltacloud-aggregator-daemons',
+ 'deltacloud-aggregator-doc']:
+ provider => 'yum', ensure => 'absent',
+ require => Service['deltacloud-aggregator',
+ 'deltacloud-condor_refreshd',
+ 'deltacloud-dbomatic',
+ 'imagefactoryd',
+ 'deltacloud-image_builder_service']}
+
+ package {'deltacloud-aggregator':
+ provider => 'yum', ensure => 'absent',
+ require => Package['deltacloud-aggregator-daemons',
+ 'deltacloud-aggregator-doc'] }
+ package { 'rubygem-deltacloud-client':
+ provider => 'yum', ensure => 'absent',
+ require => Package['deltacloud-aggregator']}
+ package { 'rubygem-deltacloud-image-builder-agent':
+ provider => 'yum', ensure => 'absent',
+ require => Package['deltacloud-aggregator']}
+ package { 'iwhd':
+ provider => 'yum', ensure => 'absent',
+ require => [Package['deltacloud-aggregator'],
Service['iwhd']]}
+
+ # FIXME these lingering dependencies, pulled in for
+ # rubygem-deltacloud-image-builder-agent, need to be removed as
+ # ec2-ami-tools and appliance-tools depend on them and using
+ # 'absent' in the context of the 'yum' provider dispatches
+ # to 'rpm -e' instead of 'yum erase'
+ package { ['rubygem-boxgrinder-build-ec2-platform-plugin',
+ 'rubygem-boxgrinder-build-centos-os-plugin',
+ 'rubygem-boxgrinder-build-fedora-os-plugin']:
+ provider => "yum", ensure => 'absent',
+ require =>
Package['rubygem-deltacloud-image-builder-agent']}
+ package { 'rubygem-boxgrinder-build-rhel-os-plugin':
+ provider => "yum", ensure => 'absent',
+ require =>
Package['rubygem-boxgrinder-build-centos-os-plugin']}
+ package { 'rubygem-boxgrinder-build-rpm-based-os-plugin':
+ provider => "yum", ensure => 'absent',
+ require =>
Package['rubygem-boxgrinder-build-rhel-os-plugin',
+
'rubygem-boxgrinder-build-fedora-os-plugin']}
+
+ package { 'ec2-ami-tools':
+ provider => "yum", ensure => 'absent',
+ require =>
Package['rubygem-boxgrinder-build-ec2-platform-plugin']}
+ package { 'appliance-tools':
+ provider => 'yum', ensure => 'absent',
+ require =>
Package['rubygem-boxgrinder-build-rpm-based-os-plugin']}
+ package { 'livecd-tools':
+ provider => 'yum', ensure => 'absent',
+ require => Package['appliance-tools']}
+ package { 'python-imgcreate':
+ provider => 'yum', ensure => 'absent',
+ require => Package['appliance-tools',
'livecd-tools']}
+
+ }
+
+ 'core': {
+ package { 'rubygem-deltacloud-core':
+ provider => 'yum', ensure => 'absent',
+ require => Service['deltacloud-core']}
+ }
+ }
+}
+
+# Setup selinux for deltacloud
+define dc::selinux(){
+ selinux::mode{"permissive":}
+}
+
+# Setup firewall for deltacloud
+define dc::firewall(){
+ firewall::setup{'deltacloud': status=>"enabled"}
+ firewall_open_port{"httpd": port => "80", policy =>
"tcp"}
+}
+
+# TODO disable selinux until we're sure everything works w/ it enabled
+
+# Start the deltacloud services
+define dc::service::start(){
+ case $name {
+ 'aggregator': {
+ file {"/var/lib/condor/condor_config.local":
+ source => "puppet:///deltacloud_recipe/condor_config.local",
+ require => Package['deltacloud-aggregator-daemons'] }
+ service { ['condor', 'httpd']:
+ ensure => 'running',
+ enable => true,
+ require => File['/var/lib/condor/condor_config.local'] }
+ service { ['deltacloud-aggregator',
+ 'deltacloud-condor_refreshd',
+ 'deltacloud-dbomatic']:
+ ensure => 'running',
+ enable => true,
+ hasstatus => true,
+ require => [Package['deltacloud-aggregator-daemons'],
+ Rails::Migrate::Db[migrate_deltacloud_database],
+ Service[condor]] }
+ }
+
+ 'core': {
+ time::sync{"deltacloud":} # we need to sync time to communicate w/ cloud
providers
+ file {"/etc/init.d/deltacloud-core":
+ source => "puppet:///deltacloud_recipe/deltacloud-core",
+ mode => 755 }
+ service { 'deltacloud-core':
+ ensure => 'running',
+ enable => true,
+ require => [Package['rubygem-deltacloud-core'],
+ File['/etc/init.d/deltacloud-core']] }
+ }
+
+ 'iwhd': {
+ file { "/data": ensure => 'directory' }
+ file { "/data/db": ensure => 'directory' }
+ service { 'mongod':
+ ensure => 'running',
+ enable => true,
+ require => [Package['iwhd'], File["/data/db"]]}
+ service { 'iwhd':
+ ensure => 'running',
+ enable => true,
+ require => [Package['iwhd'],
+ Service[mongod]]}
+ }
+
+ 'image-factory': {
+ dc::configure_boxgrinder{'conf_bxg':}
+ file { "/etc/qpidd.conf":
+ source => "puppet:///deltacloud_recipe/qpidd.conf",
+ mode => 644 }
+ service {'qpidd':
+ ensure => 'running',
+ enable => true,
+ require => [File['/etc/qpidd.conf'],
+ Package['deltacloud-aggregator-daemons']]}
+ file { "/etc/imagefactory.yml":
+ source => "puppet:///deltacloud_recipe/imagefactory.yml",
+ mode => 644 }
+ $requires = [Package['rubygem-deltacloud-image-builder-agent'],
+ Package['deltacloud-aggregator-daemons'],
+ File['/etc/imagefactory.yml'],
+ Service[qpidd],
+ Rails::Migrate::Db[migrate_deltacloud_database],
+ Dc::Configure_boxgrinder['conf_bxg']]
+ service { 'imagefactoryd':
+ ensure => 'running',
+ enable => true,
+ require => $requires}
+ service { 'deltacloud-image_builder_service':
+ ensure => 'running',
+ enable => true,
+ hasstatus => true,
+ require => $requires}
+ }
+ }
+}
+
+# Stop the deltacloud services
+define dc::service::stop(){
+ case $name {
+ 'aggregator': {
+ service { ['condor', 'httpd']:
+ ensure => 'stopped',
+ enable => false,
+ require => Service['deltacloud-aggregator',
+ 'deltacloud-condor_refreshd',
+ 'deltacloud-dbomatic'] }
+ service { ['deltacloud-aggregator',
+ 'deltacloud-condor_refreshd',
+ 'deltacloud-dbomatic']:
+ ensure => 'stopped',
+ enable => false,
+ hasstatus => true }
+ }
+
+ 'core': {
+ service { 'deltacloud-core':
+ ensure => 'stopped',
+ enable => false}
+ }
+
+ 'iwhd': {
+ service { 'mongod':
+ ensure => 'stopped',
+ enable => false,
+ require => Service[iwhd]}
+ service { 'iwhd':
+ ensure => 'stopped',
+ enable => false}
+ }
+
+ 'image-factory': {
+ service {'qpidd':
+ ensure => 'stopped',
+ enable => false,
+ require => Service['imagefactoryd',
'deltacloud-image_builder_service']}
+
+ service { 'imagefactoryd':
+ ensure => 'stopped',
+ enable => false}
+
+ service { 'deltacloud-image_builder_service':
+ ensure => 'stopped',
+ hasstatus => true,
+ enable => false}
+ }
+ }
+}
+
+# Configure boxgrinder, this should go into the boxgrinder rpms eventually
+define dc::configure_boxgrinder(){
+ file { "/boxgrinder": ensure => "directory"}
+ file { "/boxgrinder/appliances":
+ ensure => "directory",
+ require => File["/boxgrinder"]}
+ file { "/boxgrinder/packaged_builders":
+ ensure => "directory",
+ require => File["/boxgrinder"]}
+ file { "/root/.boxgrinder": ensure => "directory"}
+ file { "/root/.boxgrinder/plugins":
+ ensure => "directory",
+ require => File["/root/.boxgrinder"]}
+ file { "/root/.boxgrinder/plugins/local":
+ source =>
"puppet:///deltacloud_recipe/root-boxgrinder-plugins-local",
+ mode => 644 }
+}
+
+# Configure pulp to fetch from Fedora
+# TODO uncomment when factory/warehouse uses pulp
+#exec{"pulp_fedora_config":
+# command => "/usr/bin/pulp-admin -u admin -p admin repo create
--id=fedora-repo --feed
yum:http://download.fedora.redhat.com/pub/fedora/linux/updates/13/x86_64/...
+#}
+
+# Create a named bucket in iwhd
+define dc::create_bucket(){
+ package{'curl': ensure => 'installed'}
+ # XXX ugly hack but iwhd might take some time to come up
+ exec{"iwhd_startup_pause":
+ command => "/bin/sleep 2",
+ require => Service[iwhd]}
+ exec{"create-bucket-${name}":
+ command => "/usr/bin/curl -X PUT http://localhost:9090/templates";,
+ require => [Exec['iwhd_startup_pause'], Package[curl]] }
+}
+
+# Initialize and start the deltacloud database
+define dc::db(){
+ # Right now we configure and start postgres, at some point I want
+ # to make the db that gets setup configurable
+ file { "/var/lib/pgsql/data/pg_hba.conf":
+ source => "puppet:///deltacloud_recipe/pg_hba.conf",
+ require => Postgres::Initialize[init_db] }
+ postgres::initialize{'init_db':}
+ postgres::start{'start_db': require =>
File["/var/lib/pgsql/data/pg_hba.conf"]}
+ postgres::user{"dcloud":
+ password => "v23zj59an",
+ roles => "CREATEDB",
+ require => Postgres::Start[start_db]}
+
+
+ # Create deltacloud database
+ rails::create::db{"create_deltacloud_database":
+ cwd => "/usr/share/deltacloud-aggregator",
+ rails_env => "production",
+ require => [Postgres::User[dcloud],
Package['deltacloud-aggregator']]}
+ rails::migrate::db{"migrate_deltacloud_database":
+ cwd => "/usr/share/deltacloud-aggregator",
+ rails_env => "production",
+ require => Rails::Create::Db[create_deltacloud_database]}
+}
+
+# Destroy the deltacloud database
+define dc::db::destroy(){
+ rails::drop::db{"drop_deltacloud_database":
+ cwd => "/usr/share/deltacloud-aggregator",
+ rails_env => "production",
+ require => Service["deltacloud-aggregator",
+ "deltacloud-condor_refreshd",
+ "deltacloud-dbomatic",
+ "deltacloud-image_builder_service"]}
+ postgres::user::remove{"dcloud": require =>
Rails::Drop::Db["drop_deltacloud_database"]}
+}
+
+# Create a new site admin aggregator web user
+define dc::site_admin($email="", $password="",
$first_name="", $last_name=""){
+ exec{"create_site_admin_user":
+ cwd => '/usr/share/deltacloud-aggregator',
+ environment => "RAILS_ENV=production",
+ command => "/usr/bin/rake dc:create_user[${name}] email=${email}
password=${password} first_name=${first_name} last_name=${last_name}",
+ unless => "/usr/bin/test `psql dcloud dcloud -P tuples_only -c
\"select count(*) from users where login = '${name}';\"` =
\"1\"",
+ require => Rails::Migrate::Db["migrate_deltacloud_database"]}
+ exec{"grant_site_admin_privs":
+ cwd => '/usr/share/deltacloud-aggregator',
+ environment => "RAILS_ENV=production",
+ command => "/usr/bin/rake dc:site_admin[${name}]",
+ unless => "/usr/bin/test `psql dcloud dcloud -P tuples_only -c
\"select count(*) FROM roles INNER JOIN permissions ON (roles.id =
permissions.role_id) INNER JOIN users ON (permissions.user_id = users.id) where roles.name
= 'Administrator' AND users.login = '${name}';\"` =
\"1\"",
+ require => Exec[create_site_admin_user]}
+}
+
+# Destroy and cleanup deltacloud artifacts
+define dc::cleanup(){
+ exec{"remove_deltacloud_templates": command => "/bin/rm -rf
/templates"}
+ exec{"remove_boxgrinder_dir": command => "/bin/rm -rf
/boxgrinder"}
+}
diff --git a/recipes/deltacloud_recipe/manifests/postgres.pp
b/recipes/deltacloud_recipe/manifests/postgres.pp
new file mode 100644
index 0000000..6a639b4
--- /dev/null
+++ b/recipes/deltacloud_recipe/manifests/postgres.pp
@@ -0,0 +1,38 @@
+# Some convenience routines for postgres
+
+package { ["postgresql", "postgresql-server"]:
+ ensure => "installed", provider => "yum" }
+
+define postgres::initialize(){
+ exec{"initialize_postgres":
+ command => "/sbin/service postgresql initdb",
+ unless => "/usr/bin/test -d /var/lib/pgsql/data/pg_log",
+ require => Package["postgresql-server"]}
+}
+
+define postgres::start{
+ service {"postgresql" :
+ ensure => running,
+ enable => true,
+ require => Exec['initialize_postgres']}
+ # XXX ugly hack, postgres takes sometime to startup even though reporting as running
+ # need to pause for a bit to ensure it is running before we try to access the db
+ exec{"postgresql_startup_pause":
+ command => "/bin/sleep 2",
+ require => Service[postgresql]
+ }
+}
+
+define postgres::user($password="", $roles=""){
+ exec{"create_dcloud_postgres_user":
+ unless => "/usr/bin/test `psql postgres postgres -P tuples_only -c
\"select count(*) from pg_user where usename='${name}';\"` =
\"1\"",
+ command => "/usr/bin/psql postgres postgres -c \
+ \"CREATE USER ${name} WITH PASSWORD '${password}'
${roles}\""}
+}
+
+define postgres::user::remove($password="", $roles=""){
+ exec{"remove_dcloud_postgres_user":
+ onlyif => "/usr/bin/test `psql postgres postgres -P tuples_only -c
\"select count(*) from pg_user where usename='${name}';\"` =
\"1\"",
+ command => "/usr/bin/psql postgres postgres -c \
+ \"DROP USER ${name}\""}
+}
diff --git a/recipes/deltacloud_recipe/manifests/rails.pp
b/recipes/deltacloud_recipe/manifests/rails.pp
new file mode 100644
index 0000000..438a209
--- /dev/null
+++ b/recipes/deltacloud_recipe/manifests/rails.pp
@@ -0,0 +1,24 @@
+# Some convenience routines for rails
+
+define rails::create::db($cwd="", $rails_env=""){
+ exec{"create_rails_database":
+ cwd => $cwd,
+ environment => "RAILS_ENV=${rails_env}",
+ command => "/usr/bin/rake db:create:all"}
+
+}
+
+define rails::migrate::db($cwd="", $rails_env=""){
+ exec{"migrate_rails_database":
+ cwd => $cwd,
+ environment => "RAILS_ENV=${rails_env}",
+ command => "/usr/bin/rake db:migrate"}
+}
+
+define rails::drop::db($cwd="", $rails_env=""){
+ exec{"drop_rails_database":
+ cwd => $cwd,
+ onlyif => "/usr/bin/test -f ${cwd}/Rakefile",
+ environment => "RAILS_ENV=${rails_env}",
+ command => "/usr/bin/rake db:drop:all"}
+}
diff --git a/recipes/deltacloud_recipe/manifests/selinux.pp
b/recipes/deltacloud_recipe/manifests/selinux.pp
new file mode 100644
index 0000000..05a3174
--- /dev/null
+++ b/recipes/deltacloud_recipe/manifests/selinux.pp
@@ -0,0 +1,11 @@
+# Some convenience routines for selinux
+
+define selinux::mode(){
+ $mode = $name ? {
+ 'permissive' => '0',
+ 'enforcing' => '1'
+ }
+ exec{"set_selinux_${name}":
+ command => "/usr/sbin/setenforce ${mode}"
+ }
+}
diff --git a/recipes/deltacloud_recipe/manifests/time.pp
b/recipes/deltacloud_recipe/manifests/time.pp
new file mode 100644
index 0000000..c3db854
--- /dev/null
+++ b/recipes/deltacloud_recipe/manifests/time.pp
@@ -0,0 +1,8 @@
+# Some convenience routines for system time manipulation
+
+# Sync system time via ntp
+define time::sync(){
+ exec{"sync_time":
+ command => "/usr/sbin/ntpdate pool.ntp.org"
+ }
+}
diff --git a/recipes/firewall/README b/recipes/firewall/README
new file mode 100644
index 0000000..5fb3acc
--- /dev/null
+++ b/recipes/firewall/README
@@ -0,0 +1 @@
+Module documentation for firewall
diff --git a/recipes/firewall/files/chain_rules/filter/FORWARD.head
b/recipes/firewall/files/chain_rules/filter/FORWARD.head
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/filter/FORWARD.head
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/filter/FORWARD.tail
b/recipes/firewall/files/chain_rules/filter/FORWARD.tail
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/filter/FORWARD.tail
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/filter/INPUT.head
b/recipes/firewall/files/chain_rules/filter/INPUT.head
new file mode 100644
index 0000000..e12264a
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/filter/INPUT.head
@@ -0,0 +1,8 @@
+# INPUT.head
+-P INPUT DROP
+#-i lo -m comment --comment "localhost access" -j ACCEPT
+-i lo -j ACCEPT
+#-m state --state RELATED,ESTABLISHED -m comment --comment "All
established/related" -j ACCEPT
+-m state --state RELATED,ESTABLISHED -j ACCEPT
+# -p icmp -m comment --comment "allow icmp/ping traffic" -j ACCEPT
+-p icmp -j ACCEPT
diff --git a/recipes/firewall/files/chain_rules/filter/INPUT.tail
b/recipes/firewall/files/chain_rules/filter/INPUT.tail
new file mode 100644
index 0000000..d1c2492
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/filter/INPUT.tail
@@ -0,0 +1,3 @@
+# INPUT.tail
+# -m comment --comment "Logging" -m limit --limit 3/minute -j LOG --log-prefix
"[IPTABLES] INPUT : "
+-m limit --limit 3/minute -j LOG --log-prefix "[IPTABLES] INPUT : "
diff --git a/recipes/firewall/files/chain_rules/filter/OUTPUT.head
b/recipes/firewall/files/chain_rules/filter/OUTPUT.head
new file mode 100644
index 0000000..4c40843
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/filter/OUTPUT.head
@@ -0,0 +1 @@
+# OUTPUT.head
diff --git a/recipes/firewall/files/chain_rules/filter/OUTPUT.tail
b/recipes/firewall/files/chain_rules/filter/OUTPUT.tail
new file mode 100644
index 0000000..9effd41
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/filter/OUTPUT.tail
@@ -0,0 +1 @@
+# OUTPUT.tail
diff --git a/recipes/firewall/files/chain_rules/mangle/FORWARD.head
b/recipes/firewall/files/chain_rules/mangle/FORWARD.head
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/mangle/FORWARD.head
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/mangle/FORWARD.tail
b/recipes/firewall/files/chain_rules/mangle/FORWARD.tail
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/mangle/FORWARD.tail
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/mangle/INPUT.head
b/recipes/firewall/files/chain_rules/mangle/INPUT.head
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/mangle/INPUT.head
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/mangle/INPUT.tail
b/recipes/firewall/files/chain_rules/mangle/INPUT.tail
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/mangle/INPUT.tail
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/mangle/POSTROUTING.head
b/recipes/firewall/files/chain_rules/mangle/POSTROUTING.head
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/mangle/POSTROUTING.head
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/mangle/POSTROUTING.tail
b/recipes/firewall/files/chain_rules/mangle/POSTROUTING.tail
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/mangle/POSTROUTING.tail
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/nat/OUTPUT.head
b/recipes/firewall/files/chain_rules/nat/OUTPUT.head
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/nat/OUTPUT.head
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/nat/OUTPUT.tail
b/recipes/firewall/files/chain_rules/nat/OUTPUT.tail
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/nat/OUTPUT.tail
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/nat/POSTROUTING.head
b/recipes/firewall/files/chain_rules/nat/POSTROUTING.head
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/nat/POSTROUTING.head
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/nat/POSTROUTING.tail
b/recipes/firewall/files/chain_rules/nat/POSTROUTING.tail
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/nat/POSTROUTING.tail
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/nat/PREROUTING.head
b/recipes/firewall/files/chain_rules/nat/PREROUTING.head
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/nat/PREROUTING.head
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/nat/PREROUTING.tail
b/recipes/firewall/files/chain_rules/nat/PREROUTING.tail
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/nat/PREROUTING.tail
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/raw/OUTPUT.head
b/recipes/firewall/files/chain_rules/raw/OUTPUT.head
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/raw/OUTPUT.head
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/raw/OUTPUT.tail
b/recipes/firewall/files/chain_rules/raw/OUTPUT.tail
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/raw/OUTPUT.tail
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/raw/PREROUTING.head
b/recipes/firewall/files/chain_rules/raw/PREROUTING.head
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/raw/PREROUTING.head
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/chain_rules/raw/PREROUTING.tail
b/recipes/firewall/files/chain_rules/raw/PREROUTING.tail
new file mode 100644
index 0000000..1bb8bf6
--- /dev/null
+++ b/recipes/firewall/files/chain_rules/raw/PREROUTING.tail
@@ -0,0 +1 @@
+# empty
diff --git a/recipes/firewall/files/iptables-update.sh
b/recipes/firewall/files/iptables-update.sh
new file mode 100644
index 0000000..e7e6e04
--- /dev/null
+++ b/recipes/firewall/files/iptables-update.sh
@@ -0,0 +1,200 @@
+#!/bin/bash
+
+firewallDir="/usr/share/firewall"
+
+# firewallDir contains a directory for each table (filter, nat, mangle)
+# - each table dir contains a dir for each chain in that table
+# - each chain dir has link files that are iptables snippets
+# - each table dir can contain a CHAIN.head file, which goes in front of the chain
+# - each table dir can contain a CHAIN.tail file, which goes in back of the chain
+# and should set default policy
+#
+# Example firewallDir layout
+# filter
+# INPUT
+# ftp
+# http
+# smb
+# INPUT.head
+# INPUT.tail
+# OUTPUT
+# OUTPUT.head
+# FORWARD
+# nat
+# PREROUTING
+#
+# Any chains not in this tree will be removed from the running config
+
+#oldTable=$(mktemp oldTable.XXXXXX)
+#currentTable=$(mktemp currTable.XXXXXX)
+if [ "$1" == 'DEBUG' ]; then
+ DEBUG=1
+else
+ DEBUG=0
+fi
+IPTABLES="/sbin/iptables"
+
+# iptables wrapper
+function ipt {
+
+ if [ "$DEBUG" -eq 1 ]; then
+ echo "DEBUG: running $IPTABLES $@"
+ eval $IPTABLES $@
+ else
+ eval $IPTABLES $@ 2>/dev/null
+ fi
+
+ retVal="$?"
+ return $retVal
+}
+
+function insertEntry {
+ table="$1"
+ chain="$2"
+ entryNum="$3"
+ shift; shift; shift
+ ENTRY="$@"
+
+ # Remove the -A if it's there, we already know the table and chain
+ # This will make it easier to create the files, as you can just copy/paste
+ # from an iptables-save
+ ENTRY=$(echo $ENTRY | sed 's/^-A [0-9a-zA-Z-]* //')
+
+ # Insert at the enegrep -v '^([[:space:]]*#|[[:space:]]*$)'d of the new section
+ if echo "$ENTRY" | grep -q '^-P'; then
+ ipt -t $table $ENTRY
+ else
+ ipt -t $table -I $chain $entryNum $ENTRY
+ fi
+}
+
+function removeComments {
+ filename="$1"
+ egrep -v '^([[:space:]]*#|[[:space:]]*$)' $filename 2>/dev/null
+}
+
+
+# write out the current firewall
+#iptables-save > $oldTable
+
+# Set up all the tables in advance.
+pushd ${firewallDir} > /dev/null
+for table in *; do
+ # A particular table
+ if [ -d "$table" ]; then
+ pushd "$table" > /dev/null
+ for chain in *; do
+ if [ ! -d "$chain" ]; then
+ # Only directories are valid chains
+ continue
+ fi
+
+ #create the table
+ ipt -t $table -N $chain 2> /dev/null
+ done
+ popd > /dev/null
+ fi
+done
+popd > /dev/null
+
+# Put the iptables pieces into the full layout of the table
+pushd ${firewallDir} > /dev/null
+for table in *; do
+ if [ -d "$table" ]; then
+ pushd "$table" > /dev/null
+ for chain in *; do
+ if [ ! -d "$chain" ]; then
+ # Only directories are valid chains
+ continue
+ fi
+
+ echo "Working on chain $chain in table $table"
+ numEntries=0
+
+ echo "Adding rules to chain $chain in table $table"
+ if [ -f "${chain}.head" ]; then
+ # The head of the firewall goes in first.
+ while read ENTRY; do
+ if echo "$ENTRY" | grep -qv '^-P'; then
+ let numEntries="$numEntries + 1"
+ fi
+ insertEntry $table $chain $numEntries $ENTRY
+ done < <( removeComments "${chain}.head" )
+ fi
+
+ # go into the chain, add all the link files to the firewall
+ pushd $chain > /dev/null
+ for link in *; do
+ while read ENTRY; do
+ if echo "$ENTRY" | grep -qv '^-P'; then
+ let numEntries="$numEntries + 1"
+ fi
+ insertEntry $table $chain $numEntries $ENTRY
+ done < <( removeComments "$link" )
+ done
+ popd > /dev/null
+
+ if [ -f "$chain.tail" ]; then
+ # The tail of the firewall goes in last.
+ while read ENTRY; do
+ if echo "$ENTRY" | grep -qv '^-P'; then
+ let numEntries="$numEntries + 1"
+ fi
+
+ insertEntry $table $chain $numEntries $ENTRY
+ done < <( removeComments "${chain}.tail" )
+ fi
+
+ # flush out the old rules from this chain
+ echo "Cleaning chain $chain in table $table..."
+ let oldEntry="$numEntries + 1"
+ while ipt -t $table -D $chain $oldEntry; do
+ echo -en "."
+ done
+ echo -en "\n"
+ done
+ popd > /dev/null
+ fi
+done
+popd > /dev/null
+
+# Delete all rules from the chains that shouldn't be there
+pushd ${firewallDir} > /dev/null
+for table in *; do
+ pushd "$table" > /dev/null > /dev/null
+ for chain in $(iptables-save | sed -n '/^\*'$table'/,/^\*/p' | grep
'^:' | cut -d' ' -f1 | sed 's/://'); do
+ if [ ! -d "$chain" ]; then
+ # Flush the chain
+ echo "Flushing rules from chain $chain in table $table"
+ ipt -t $table -F $chain
+ fi
+ done
+ popd > /dev/null
+done
+popd > /dev/null
+
+# delete the chains that shouldn't be there
+pushd ${firewallDir} > /dev/null
+for table in filter nat mangle; do
+ if [ ! -d "$table" ]; then
+ # This table isn't used, clear it
+ ipt -t $table -F
+ ipt -t $table -X
+ else
+
+ pushd "$table" > /dev/null
+ for chain in $(iptables-save | sed -n '/^\*'$table'/,/^\*/p' | grep
'^:' | cut -d' ' -f1 | sed 's/://'); do
+ if [ "$chain" == "FORWARD" ]; then
+ continue
+ fi
+ if [ ! -d "$chain" ]; then
+ # Delete the chain
+ echo "Deleting chain $chain from table $table"
+ ipt -t $table -P $chain ACCEPT
+ ipt -t $table -X $chain
+ fi
+ done
+ popd > /dev/null
+ fi
+done
+popd > /dev/null
diff --git a/recipes/firewall/manifests/defines.pp
b/recipes/firewall/manifests/defines.pp
new file mode 100644
index 0000000..871f357
--- /dev/null
+++ b/recipes/firewall/manifests/defines.pp
@@ -0,0 +1,77 @@
+# usage
+# firewall::rule { 'rulename':
+# chain => "INPUT",
+# table => "filter",
+# source_port => 123423,
+# destination_port => 22,
+# destination => foo.com,
+# source => bar.com,
+# to_ports => "443"
+# action => ACCEPT
+# }
+define firewall::rule (
+ $chain = 'INPUT',
+ $table = 'filter',
+ $comment = '',
+ $protocol = 'tcp',
+ $source_port = '',
+ $destination_port = '',
+ $source = '',
+ $destination = '',
+ $to_ports = '',
+ $to_destination = '',
+ $modules = [],
+ $destination_range = '',
+ $not_physdev_bridged = '',
+ $source_range = '',
+ $out_interface = '',
+ $in_interface = '',
+ $uid_owner = '',
+ $reject_with = '',
+ $log_prefix = '',
+ $state = '',
+ $every = '',
+ $mode = '',
+ $action = 'ACCEPT'
+ ) {
+
+ include firewall
+
+ $table_path = "${firewall::firewall_dir}/${table}"
+ $chain_path = "${firewall::firewall_dir}/${table}/${chain}"
+
+ if defined(File["${chain_path}"]) {
+ # do nothing
+ $trash = ''
+ } else {
+ file { "${chain_path}":
+ ensure => directory,
+ purge => true,
+ recurse => true,
+ require => File["${table_path}"],
+ }
+ }
+
+ $link_path = "$firewall::firewall_dir/${table}/${chain}/${name}"
+
+ file { "${link_path}":
+ content => template("firewall/rule.erb"),
+ notify => Service["firewall"],
+ }
+}
+
+define firewall::rule::stub () {
+ file {
+ "${name}.head":
+ name => "${firewall_dir}/${name}.head",
+ mode => 0700,
+ source => "puppet:///modules/firewall/chain_rules/${name}.head",
+ ;
+ "${name}.tail":
+ name => "${firewall_dir}/${name}.tail",
+ mode => 0700,
+ source => "puppet:///modules/firewall/chain_rules/${name}.tail",
+ ;
+ }
+}
+
diff --git a/recipes/firewall/manifests/init.pp b/recipes/firewall/manifests/init.pp
new file mode 100644
index 0000000..c38abc3
--- /dev/null
+++ b/recipes/firewall/manifests/init.pp
@@ -0,0 +1,102 @@
+import "defines.pp"
+
+class firewall {
+
+ $firewall_dir = "/usr/share/firewall"
+ package { "iptables":
+ ensure => installed,
+ }
+
+ service { "firewall":
+ name => "iptables",
+ enable => true,
+ hasstatus => true,
+ require => [ Package["iptables"],
File["iptables-update"] ],
+ restart => "/usr/local/bin/iptables-update.sh",
+ }
+
+ # the reload script (thanks rmonk)
+ file { "iptables-update":
+ name => "/usr/local/bin/iptables-update.sh",
+ mode => 0755,
+ source => "puppet:///modules/firewall/iptables-update.sh",
+ }
+
+ file { "${firewall_dir}":
+ ensure => directory,
+ mode => 0755,
+ }
+
+ # create the table directories
+ file {
+ [
+ "${firewall_dir}/filter",
+ "${firewall_dir}/filter/INPUT",
+ "${firewall_dir}/filter/OUTPUT",
+ "${firewall_dir}/filter/FORWARD",
+ "${firewall_dir}/nat",
+ "${firewall_dir}/nat/PREROUTING",
+ "${firewall_dir}/nat/OUTPUT",
+ "${firewall_dir}/nat/POSTROUTING",
+ "${firewall_dir}/mangle",
+ "${firewall_dir}/mangle/FORWARD",
+ "${firewall_dir}/mangle/POSTROUTING",
+ "${firewall_dir}/mangle/INPUT",
+ "${firewall_dir}/raw",
+ "${firewall_dir}/raw/PREROUTING",
+ "${firewall_dir}/raw/OUTPUT"
+ ]:
+ ensure => directory,
+ notify => Service["firewall"],
+ require => File["${firewall_dir}"],
+ mode => 0755,
+ }
+
+ # create the head/tail files -- we tried a recursive resource here but it failed.
+ $wrapper_rules = [
+ 'filter/INPUT',
+ 'filter/OUTPUT',
+ 'filter/FORWARD',
+ 'nat/PREROUTING',
+ 'nat/POSTROUTING',
+ 'nat/OUTPUT',
+ 'mangle/FORWARD',
+ 'mangle/INPUT',
+ 'mangle/POSTROUTING',
+ 'raw/PREROUTING',
+ 'raw/OUTPUT'
+ ]
+
+ firewall::rule::stub { $wrapper_rules:
+ notify => Service["firewall"],
+ require => File["${firewall_dir}"],
+ }
+
+ # relevent execs
+ exec { "reload-firewall":
+ command => "/usr/local/bin/iptables-update.sh",
+ require => File["iptables-update"],
+ refreshonly => true,
+ }
+}
+
+class firewall::disabled inherits firewall {
+ Service["firewall"] {
+ ensure => stopped,
+ enable => false,
+ }
+}
+
+class firewall::ckmtest inherits firewall {
+
+ firewall::rule { "NAT":
+ table => 'nat',
+ chain => 'PREROUTING',
+ protocol => 'tcp',
+ destination_port => '8443',
+ action => 'REDIRECT',
+ to_ports => "443",
+ comment => "nat rule",
+ }
+}
+
diff --git a/recipes/firewall/templates/rule.erb b/recipes/firewall/templates/rule.erb
new file mode 100644
index 0000000..c3ae3f8
--- /dev/null
+++ b/recipes/firewall/templates/rule.erb
@@ -0,0 +1,70 @@
+<% unless protocol.empty? -%>
+-p <%= protocol + " " -%>
+<% end -%>
+<% for m in modules -%>
+-m <%= m + " " -%>
+<% end -%>
+<% unless destination_range.empty? -%>
+--dst-range <%= destination_range + " " -%>
+<% end -%>
+<% unless source_range.empty? -%>
+--src-range <%= source_range + " " -%>
+<% end -%>
+<% unless out_interface.empty? -%>
+--out-interface <%= out_interface + " " -%>
+<% end -%>
+<% unless in_interface.empty? -%>
+--in-interface <%= in_interface + " " -%>
+<% end -%>
+<% unless source.empty? -%>
+--source <%= source + " " -%>
+<% end -%>
+<% unless uid_owner.empty? -%>
+--uid-owner <%= uid_owner + " " -%>
+<% end -%>
+<% unless state.empty? -%>
+--state <%= state + " " -%>
+<% end -%>
+<% unless mode.empty? -%>
+--mode <%= mode + " " -%>
+<% end -%>
+<% unless not_physdev_bridged.empty? -%>
+! --physdev-is-bridged
+<% end -%>
+<% unless every.empty? -%>
+--every <%= every + " " -%>
+<% end -%>
+<% unless destination.empty? -%>
+--destination <%= destination + " " -%>
+<% end -%>
+<% unless destination_port.empty? -%>
+<% if destination_port =~ /:|,/ -%>
+-m multiport --destination-ports <%= destination_port + " " -%>
+<% else -%>
+--destination-port <%= destination_port + " " -%>
+<% end -%>
+<% end -%>
+<% unless source_port.empty? -%>
+<% if source_port =~ /:|,/ -%>
+-m multiport --source-ports <%= source_port + " " -%>
+<% else -%>
+--source-port <%= source_port + " " -%>
+<% end -%>
+<% end -%>
+<% if operatingsystemrelease == '5' -%>
+-m comment --comment "<%= comment -%>"<%= " " -%>
+<% end -%>
+-j <%= action -%>
+<% unless to_ports.empty? -%>
+ --to-ports <%= to_ports + " " -%>
+<% end -%>
+<% unless to_destination.empty? -%>
+ --to-destination <%= to_destination + " " -%>
+<% end -%>
+<% unless log_prefix.empty? -%>
+--log-prefix <%= log_prefix + " " -%>
+<% end -%>
+<% unless reject_with.empty? -%>
+--reject-with <%= reject_with + " " -%>
+<% end -%>
+<%# keep at end %>
diff --git a/recipes/ntp/README b/recipes/ntp/README
new file mode 100644
index 0000000..e69de29
diff --git a/recipes/ntp/manifests/init.pp b/recipes/ntp/manifests/init.pp
new file mode 100644
index 0000000..00897cd
--- /dev/null
+++ b/recipes/ntp/manifests/init.pp
@@ -0,0 +1,45 @@
+class ntp {
+ package { "ntp":
+ ensure => installed,
+ }
+ File {
+ owner => root,
+ group => root,
+ mode => 0644,
+ }
+}
+class ntp::client inherits ntp {
+ service { "ntpd":
+ ensure => running,
+ enable => true,
+ hasrestart => true,
+ hasstatus => true,
+ require => Package["ntp"],
+ }
+
+ # default ntp servers if none-specified
+ # for different environments this should be changed in the branch
+ # only setup an override here in case there is an odd host or two
+ # that needs to be different from others in the same env
+ $default_ntpservers = [ "pool.ntp.org" ]
+ $ntpservers = $ntpservers ? {
+ '' => $default_ntpservers,
+ default => $ntpservers,
+ }
+
+ file { "/etc/ntp.conf":
+ content => template("ntp/ntp.conf"),
+ notify => Service["ntpd"],
+ require => Package["ntp"],
+ }
+ file { "/etc/ntp/":
+ require => Package["ntp"],
+ }
+ file { "/etc/ntp/step-tickers":
+ content => template("ntp/ntp.conf"),
+ notify => Service["ntpd"],
+ require => Package["ntp"],
+ }
+}
+class ntp::server inherits ntp {
+}
diff --git a/recipes/ntp/templates/ntp.conf b/recipes/ntp/templates/ntp.conf
new file mode 100644
index 0000000..8bfd2d0
--- /dev/null
+++ b/recipes/ntp/templates/ntp.conf
@@ -0,0 +1,5 @@
+# /etc/ntp.conf generated by puppet
+driftfile /var/lib/ntp/drift
+<% for ntpserver in ntpservers -%>
+server <%= ntpserver %>
+<% end -%>
diff --git a/recipes/ntp/templates/step-tickers b/recipes/ntp/templates/step-tickers
new file mode 100644
index 0000000..57cd8bb
--- /dev/null
+++ b/recipes/ntp/templates/step-tickers
@@ -0,0 +1,4 @@
+# /etc/ntp/step-tickerts generated by puppet
+<% for ntpserver in ntpservers -%>
+server <%= ntpserver %>
+<% end -%>
diff --git a/recipes/postgres/README b/recipes/postgres/README
new file mode 100644
index 0000000..e69de29
diff --git a/recipes/postgres/files/pg_hba.conf b/recipes/postgres/files/pg_hba.conf
new file mode 100644
index 0000000..f7d3b8d
--- /dev/null
+++ b/recipes/postgres/files/pg_hba.conf
@@ -0,0 +1,8 @@
+# TYPE DATABASE USER CIDR-ADDRESS METHOD
+
+# "local" is for Unix domain socket connections only
+local all all password sameuser
+# IPv4 local connections:
+host all all 127.0.0.1/32 password sameuser
+# IPv6 local connections:
+host all all ::1/128 password sameuser
diff --git a/recipes/postgres/manifests/init.pp b/recipes/postgres/manifests/init.pp
new file mode 100644
index 0000000..4a4fb5e
--- /dev/null
+++ b/recipes/postgres/manifests/init.pp
@@ -0,0 +1,70 @@
+import "firewall"
+
+class postgres {
+ package { "postgresql":
+ ensure => installed,
+ }
+}
+
+class postgres::client inherits postgres {
+}
+
+class postgres::server inherits postgres {
+ firewall::rule { "Postgres":
+ destination_port => "5432",
+ comment => "postgresql tcp/5432",
+ }
+
+ package { [ "postgresql-server" ]:
+ ensure => installed,
+ }
+
+ group { "postgres":
+ gid => 26,
+ }
+
+ service { "postgresql":
+ ensure => running,
+ enable => true,
+ hasrestart => true,
+ hasstatus => true,
+ require => [ Package["postgresql-server"],
Exec["pginitdb"] ],
+ }
+
+ file { "/var/lib/pgsql/data":
+ ensure => directory,
+ owner => "postgres",
+ group => "postgres",
+ require => Package["postgresql-server"],
+ }
+
+ exec { "pginitdb":
+ command => "/usr/bin/initdb
--pgdata='/var/lib/pgsql/data'",
+ user => "postgres",
+ group => "postgres",
+ creates => "/var/lib/pgsql/data/PG_VERSION",
+ require => Package["postgresql-server"],
+ notify => Service["postgresql"],
+ }
+
+ firewall::rule { "POSTGRES-SERVER":
+ destination_port => "5432",
+ comment => "Postresql inbound 5432/tcp"
+ }
+
+}
+
+define postgres::user($ensure='created', $password="",
$roles=""){
+ case $ensure {
+ 'created': {
+ exec{"create_${name}_postgres_user":
+ unless => "/usr/bin/test `psql postgres postgres -P tuples_only -c
\"select count(*) from pg_user where usename='${name}';\"` =
\"1\"",
+ command => "/usr/bin/psql postgres postgres -c \
+ \"CREATE USER ${name} WITH PASSWORD '${password}'
${roles}\""}}
+ 'dropped': {
+ exec{"drop_${name}_postgres_user":
+ onlyif => "/usr/bin/test `psql postgres postgres -P tuples_only -c
\"select count(*) from pg_user where usename='${name}';\"` =
\"1\"",
+ command => "/usr/bin/psql postgres postgres -c \
+ \"DROP USER ${name}\""}}
+ }
+}
diff --git a/recipes/postgres/plugins/puppet/provider/pgsql_database/pgsql.rb
b/recipes/postgres/plugins/puppet/provider/pgsql_database/pgsql.rb
new file mode 100644
index 0000000..994e22f
--- /dev/null
+++ b/recipes/postgres/plugins/puppet/provider/pgsql_database/pgsql.rb
@@ -0,0 +1,64 @@
+require 'puppet/provider/package'
+
+Puppet::Type.type(:pgsql_database).provide(:pgsql,
+ :parent => Puppet::Provider::Package) do
+
+ desc "Use pgsql as database."
+
+ # retrieve the current set of pgsql users
+ def self.instances
+ dbs = []
+
+ output = execute(['psql', '-Aqtl'], :failonfail => true, :uid
=> "postgres")
+ output.each do |line|
+ dbs << new( query_line_to_hash(line) )
+ end
+ return dbs
+ end
+
+ def self.query_line_to_hash(line)
+ fields = line.chomp.split('|')
+ {
+ :name => fields[0],
+ :owner => fields[1],
+ :ensure => :present
+ }
+ end
+
+ def query
+ result = {
+ :name => @resource[:name],
+ :owner => @resource[:owner],
+ :ensure => :absent
+ }
+
+ output = execute(['psql', '-Aqtc', "SELECT pg_database.datname,
pg_user.usename FROM pg_database, pg_user WHERE
pg_database.datname='#{resource[:name]} AND pg_user.usesysid = ( SELECT datdba FROM
pg_database WHERE pg_database.datname='#{@resource[:name]}')" ], :failonfail
=> true, :uid => "postgres")
+ output.each do |line|
+ result = query_line_to_hash(line)
+ end
+ result
+ end
+
+ def create
+ execute(['createdb', '-q', '-O',
"#{@resource.should(:owner)}", "#{@resource[:name]}"], :failonfail
=> true, :uid => "postgres")
+ end
+
+ def destroy
+ execute(['dropdb', '-q', "#{@resource[:name]}"],
:failonfail => true, :uid => "postgres")
+ end
+
+ def exists?
+ output = execute(['psql', '-Aqtc', "SELECT datname FROM
pg_database WHERE datname='#{@resource[:name]}'"], :failonfail => true,
:uid => "postgres")
+ output.chomp.match(/^#{@resource[:name]}$/)
+ end
+
+ def owner
+ @property_hash[:owner]
+ end
+
+ def owner=(string)
+ execute(['psql', '-Aqtc', "UPDATE pg_database SET datdba=(SELECT
oid FROM pg_roles WHERE rolname='#{string}') where
datname='#{@resource[:name]}'"], :failonfail => true, :uid =>
"postgres")
+ end
+
+end
+
diff --git a/recipes/postgres/plugins/puppet/provider/pgsql_grant/pgsql.rb
b/recipes/postgres/plugins/puppet/provider/pgsql_grant/pgsql.rb
new file mode 100644
index 0000000..61c32d9
--- /dev/null
+++ b/recipes/postgres/plugins/puppet/provider/pgsql_grant/pgsql.rb
@@ -0,0 +1,155 @@
+# A grant is either global or per-db. This can be distinguished by the syntax
+# of the name:
+# user@host => global
+# user@host/db => per-db
+
+require 'puppet/provider/package'
+
+MYSQL_USER_PRIVS = [ :select_priv, :insert_priv, :update_priv, :delete_priv,
+ :create_priv, :drop_priv, :reload_priv, :shutdown_priv, :process_priv,
+ :file_priv, :grant_priv, :references_priv, :index_priv, :alter_priv,
+ :show_db_priv, :super_priv, :create_tmp_table_priv, :lock_tables_priv,
+ :execute_priv, :repl_slave_priv, :repl_client_priv, :create_view_priv,
+ :show_view_priv, :create_routine_priv, :alter_routine_priv,
+ :create_user_priv
+]
+
+MYSQL_DB_PRIVS = [ :select_priv, :insert_priv, :update_priv, :delete_priv,
+ :create_priv, :drop_priv, :grant_priv, :references_priv, :index_priv,
+ :alter_priv, :create_tmp_table_priv, :lock_tables_priv, :create_view_priv,
+ :show_view_priv, :create_routine_priv, :alter_routine_priv, :execute_priv
+]
+
+Puppet::Type.type(:mysql_grant).provide(:mysql) do
+
+ desc "Uses mysql as database."
+
+ commands :mysql => '/usr/bin/mysql'
+ commands :mysqladmin => '/usr/bin/mysqladmin'
+
+ def mysql_flush
+ mysqladmin "flush-privileges"
+ end
+
+ # this parses the
+ def split_name(string)
+ matches = /^([^@]*)(a)([^\/]*)(\/(.*))?$/.match(string).captures.compact
+ case matches.length
+ when 2
+ {
+ :type => :user,
+ :user => matches[0],
+ :host => matches[1]
+ }
+ when 4
+ {
+ :type => :db,
+ :user => matches[0],
+ :host => matches[1],
+ :db => matches[3]
+ }
+ end
+ end
+
+ def create_row
+ unless @resource.should(:privileges).empty?
+ name = split_name(@resource[:name])
+ case name[:type]
+ when :user
+ mysql "mysql", "-e", "INSERT INTO user (host, user) VALUES
('%s', '%s')" % [
+ name[:host], name[:user],
+ ]
+ when :db
+ mysql "mysql", "-e", "INSERT INTO db (host, user, db) VALUES
('%s', '%s', '%s')" % [
+ name[:host], name[:user], name[:db],
+ ]
+ end
+ mysql_flush
+ end
+ end
+
+ def destroy
+ mysql "mysql", "-e", "REVOKE ALL ON '%s'.* FROM
'%s@%s'" % [ @resource[:privileges], @resource[:database], @resource[:name],
@resource[:host] ]
+ end
+
+ def row_exists?
+ name = split_name(@resource[:name])
+ fields = [:user, :host]
+ if name[:type] == :db
+ fields << :db
+ end
+ not mysql( "mysql", "-NBe", 'SELECT "1" FROM %s WHERE
%s' % [ name[:type], fields.map do |f| "%s = '%s'" % [f, name[f]]
end.join(' AND ')]).empty?
+ end
+
+ def all_privs_set?
+ all_privs = case split_name(@resource[:name])[:type]
+ when :user
+ MYSQL_USER_PRIVS
+ when :db
+ MYSQL_DB_PRIVS
+ end
+ all_privs = all_privs.collect do |p| p.to_s end.sort.join("|")
+ privs = privileges.collect do |p| p.to_s end.sort.join("|")
+
+ all_privs == privs
+ end
+
+ def privileges
+ name = split_name(@resource[:name])
+ privs = ""
+
+ case name[:type]
+ when :user
+ privs = mysql "mysql", "-Be", 'select * from user where
user="%s" and host="%s"' % [ name[:user], name[:host] ]
+ when :db
+ privs = mysql "mysql", "-Be", 'select * from db where
user="%s" and host="%s" and db="%s"' % [ name[:user],
name[:host], name[:db] ]
+ end
+
+ if privs.match(/^$/)
+ privs = [] # no result, no privs
+ else
+ # returns a line with field names and a line with values, each tab-separated
+ privs = privs.split(/\n/).map! do |l| l.chomp.split(/\t/) end
+ # transpose the lines, so we have key/value pairs
+ privs = privs[0].zip(privs[1])
+ privs = privs.select do |p| p[0].match(/_priv$/) and p[1] == 'Y' end
+ end
+
+ privs.collect do |p| symbolize(p[0].downcase) end
+ end
+
+ def privileges=(privs)
+ unless row_exists?
+ create_row
+ end
+
+ # puts "Setting privs: ", privs.join(", ")
+ name = split_name(@resource[:name])
+ stmt = ''
+ where = ''
+ all_privs = []
+ case name[:type]
+ when :user
+ stmt = 'update user set '
+ where = ' where user="%s" and host="%s"' % [ name[:user],
name[:host] ]
+ all_privs = MYSQL_USER_PRIVS
+ when :db
+ stmt = 'update db set '
+ where = ' where user="%s" and host="%s"' % [ name[:user],
name[:host] ]
+ all_privs = MYSQL_DB_PRIVS
+ end
+
+ if privs[0] == :all
+ privs = all_privs
+ end
+
+ # puts "stmt:", stmt
+ set = all_privs.collect do |p| "%s = '%s'" % [p, privs.include?(p) ?
'Y' : 'N'] end.join(', ')
+ # puts "set:", set
+ stmt = stmt << set << where
+
+ mysql "mysql", "-Be", stmt
+ mysql_flush
+ end
+end
+
diff --git a/recipes/postgres/plugins/puppet/provider/pgsql_user/pgsql.rb
b/recipes/postgres/plugins/puppet/provider/pgsql_user/pgsql.rb
new file mode 100644
index 0000000..073c62c
--- /dev/null
+++ b/recipes/postgres/plugins/puppet/provider/pgsql_user/pgsql.rb
@@ -0,0 +1,127 @@
+require 'puppet/provider/package'
+
+Puppet::Type.type(:pgsql_user).provide(:pgsql,
+ # T'is funny business, this code is quite
generic
+ :parent => Puppet::Provider::Package) do
+
+ desc "Use pgsql as database."
+
+ # retrieve the current set of pgsql users
+ def self.instances
+ users = []
+
+ output = execute(['psql', '-Aqtc', "SELECT * FROM
pg_authid"], :failonfail => true, :uid => "postgres")
+ output.each do |line|
+ users << new( query_line_to_hash(line) )
+ end
+ return users
+ end
+
+ def self.query_line_to_hash(line)
+ fields = line.chomp.split('|')
+ {
+ :name => fields[0],
+ :superuser => fields[1],
+ :createrole => fields[3],
+ :createdb => fields[4],
+ :password => fields[8],
+ :ensure => :present
+ }
+ end
+
+ def query
+ result = {}
+
+ output = execute(['psql', '-Aqtc', "SELECT * FROM pg_authid
WHERE rolname='#{@resource[:name]}'"], :failonfail => true, :uid =>
"postgres")
+ output.each do |line|
+ unless result.empty?
+ raise Puppet::Error,
+ "Got multiple results for user '%s'" % @resource[:name]
+ end
+ result = query_line_to_hash(line)
+ end
+ result
+ end
+
+ def create
+ options = ""
+ if @resource.should(:superuser) == :true
+ options << " SUPERUSER"
+ end
+ if @resource.should(:createrole) == :true
+ options << " CREATEROLE"
+ end
+ if @resource.should(:createdb) == :true
+ options << " CREATEDB"
+ end
+
+ execute(['psql', '-Aqtc', "CREATE USER #{@resource[:name]} WITH
PASSWORD '#{@resource.should(:password)}' #{options}"], :failonfail =>
true, :uid => "postgres")
+ end
+
+ def destroy
+ execute(['dropuser', '-q', "#{@resource[:name]}"],
:failonfail => true, :uid => "postgres")
+ end
+
+ def exists?
+ output = execute(['psql', '-Aqtc', "SELECT rolname FROM
pg_authid WHERE rolname='#{@resource[:name]}'"], :failonfail => true, :uid
=> "postgres")
+ output.match(/^#{@resource[:name]}$/)
+ end
+
+ def password
+ @property_hash[:password]
+ end
+
+ def password=(string)
+ execute(['psql', '-Aqtc', "ALTER ROLE #{@resource[:name]} WITH
ENCRYPTED PASSWORD '#{string}'"], :failonfail => true, :uid =>
"postgres")
+ end
+
+ def superuser
+ if @property_hash[:superuser] == "t"
+ :true
+ else
+ :false
+ end
+ end
+
+ def superuser=(string)
+ if string == :true
+ execute(['psql', '-Aqtc', "ALTER ROLE #{@resource[:name]}
SUPERUSER"], :failonfail => true, :uid => "postgres")
+ else
+ execute(['psql', '-Aqtc', "ALTER ROLE #{@resource[:name]}
NOSUPERUSER"], :failonfail => true, :uid => "postgres")
+ end
+ end
+
+ def createrole
+ if @property_hash[:createrole] == "t"
+ :true
+ else
+ :false
+ end
+ end
+
+ def createrole=(string)
+ if string == :true
+ execute(['psql', '-Aqtc', "ALTER ROLE #{@resource[:name]}
CREATEROLE"], :failonfail => true, :uid => "postgres")
+ else
+ execute(['psql', '-Aqtc', "ALTER ROLE #{@resource[:name]}
NOCREATEROLE"], :failonfail => true, :uid => "postgres")
+ end
+ end
+
+ def createdb
+ if @property_hash[:createdb] == "t"
+ :true
+ else
+ :false
+ end
+ end
+
+ def createdb=(string)
+ if string == :true
+ execute(['psql', '-Aqtc', "ALTER ROLE #{@resource[:name]}
CREATEDB"], :failonfail => true, :uid => "postgres")
+ else
+ execute(['psql', '-Aqtc', "ALTER ROLE #{@resource[:name]}
NOCREATEDB"], :failonfail => true, :uid => "postgres")
+ end
+ end
+
+end
+
diff --git a/recipes/postgres/plugins/puppet/type/pgsql_database.rb
b/recipes/postgres/plugins/puppet/type/pgsql_database.rb
new file mode 100644
index 0000000..6c77924
--- /dev/null
+++ b/recipes/postgres/plugins/puppet/type/pgsql_database.rb
@@ -0,0 +1,14 @@
+# This has to be a separate type to enable collecting
+Puppet::Type.newtype(:pgsql_database) do
+ @doc = "Manage a database."
+ ensurable
+ newparam(:name) do
+ desc "The name of the database."
+ end
+ newproperty(:owner) do
+ desc "The owner of the database."
+
+ defaultto "postgres"
+ end
+end
+
diff --git a/recipes/postgres/plugins/puppet/type/pgsql_grant.rb
b/recipes/postgres/plugins/puppet/type/pgsql_grant.rb
new file mode 100644
index 0000000..b0bbaf7
--- /dev/null
+++ b/recipes/postgres/plugins/puppet/type/pgsql_grant.rb
@@ -0,0 +1,77 @@
+# This has to be a separate type to enable collecting
+Puppet::Type.newtype(:pgsql_grant) do
+ @doc = "Manage a database user's rights."
+ #ensurable
+
+ autorequire :pgsql_db do
+ # puts "Starting db autoreq for %s" % self[:name]
+ reqs = []
+ matches = self[:name].match(/^([^@]+)@([^\/]+)\/(.+)$/)
+ unless matches.nil?
+ reqs << matches[3]
+ end
+ # puts "Autoreq: '%s'" % reqs.join(" ")
+ reqs
+ end
+
+ autorequire :pgsql_user do
+ # puts "Starting user autoreq for %s" % self[:name]
+ reqs = []
+ matches = self[:name].match(/^([^@]+)@([^\/]+).*$/)
+ unless matches.nil?
+ reqs << "%s@%s" % [ matches[1], matches[2] ]
+ end
+ # puts "Autoreq: '%s'" % reqs.join(" ")
+ reqs
+ end
+
+ newparam(:name) do
+ desc "The primary key: either user@host for global privilges or
user@host/database for database specific privileges"
+ end
+ newproperty(:privileges, :array_matching => :all) do
+ desc "The privileges the user should have. The possible values are
implementation dependent."
+ munge do |v|
+ symbolize(v)
+ end
+
+ def should_to_s(newvalue = @should)
+ if newvalue
+ unless newvalue.is_a?(Array)
+ newvalue = [ newvalue ]
+ end
+ newvalue.collect do |v| v.to_s end.sort.join ", "
+ else
+ nil
+ end
+ end
+
+ def is_to_s(currentvalue = @is)
+ if currentvalue
+ unless currentvalue.is_a?(Array)
+ currentvalue = [ currentvalue ]
+ end
+ currentvalue.collect do |v| v.to_s end.sort.join ", "
+ else
+ nil
+ end
+ end
+
+ # use the sorted outputs for comparison
+ def insync?(is)
+ if defined? @should and @should
+ case self.should_to_s
+ when "all"
+ self.provider.all_privs_set?
+ when self.is_to_s(is)
+ true
+ else
+ false
+ end
+ else
+ true
+ end
+ end
+
+ end
+end
+
diff --git a/recipes/postgres/plugins/puppet/type/pgsql_user.rb
b/recipes/postgres/plugins/puppet/type/pgsql_user.rb
new file mode 100644
index 0000000..7803b13
--- /dev/null
+++ b/recipes/postgres/plugins/puppet/type/pgsql_user.rb
@@ -0,0 +1,48 @@
+# This has to be a separate type to enable collecting
+
+require 'digest/md5'
+
+Puppet::Type.newtype(:pgsql_user) do
+ @doc = "Manage a database user."
+ ensurable
+
+ newparam(:name) do
+ desc "The name of the user"
+ end
+
+ newproperty(:password) do
+ desc "The unencrypted password of the user."
+ munge do |password|
+ return 'md5' + Digest::MD5.hexdigest(password + @resource[:name])
+ end
+ end
+
+ newproperty(:superuser) do
+ desc "Is the user a superuser"
+
+ newvalue(:true)
+ newvalue(:false)
+
+ defaultto :false
+ end
+
+ newproperty(:createdb) do
+ desc "Is the user a allowed to create new databases"
+
+ newvalue(:true)
+ newvalue(:false)
+
+ defaultto :false
+ end
+
+ newproperty(:createrole) do
+ desc "Is the user a allowed to create new roles"
+
+ newvalue(:true)
+ newvalue(:false)
+
+ defaultto :false
+ end
+
+end
+
--
1.7.2.3
1:59 p.m.
New subject: [PATCH appliance 4/7] leverage firewall, ntp, postgres modules, remove ace dependency
---
bin/dc-install | 2 +-
bin/dc-services | 2 +-
bin/dc-uninstall | 2 +-
contrib/deltacloud_recipe.spec | 5 ---
recipes/deltacloud_recipe/manifests/deltacloud.pp | 19 +++++-----
recipes/deltacloud_recipe/manifests/postgres.pp | 38 ---------------------
recipes/deltacloud_recipe/manifests/time.pp | 8 ----
7 files changed, 12 insertions(+), 64 deletions(-)
delete mode 100644 recipes/deltacloud_recipe/manifests/postgres.pp
delete mode 100644 recipes/deltacloud_recipe/manifests/time.pp
diff --git a/bin/dc-install b/bin/dc-install
index efa1f5a..8583232 100755
--- a/bin/dc-install
+++ b/bin/dc-install
@@ -1,4 +1,4 @@
#!/bin/sh
puppet /usr/share/deltacloud-recipe/deltacloud_recipe.pp \
- --modulepath=/usr/share/deltacloud-recipe/modules/:/usr/share/ace/modules/
+ --modulepath=/usr/share/deltacloud-recipe/modules/
diff --git a/bin/dc-services b/bin/dc-services
index 415ba7b..0612c33 100755
--- a/bin/dc-services
+++ b/bin/dc-services
@@ -1,4 +1,4 @@
#!/bin/sh
puppet /usr/share/deltacloud-recipe/deltacloud_stop_services.pp \
- --modulepath=/usr/share/deltacloud-recipe/modules/:/usr/share/ace/modules/
+ --modulepath=/usr/share/deltacloud-recipe/modules/
diff --git a/bin/dc-uninstall b/bin/dc-uninstall
index 7cf4c69..02a99de 100755
--- a/bin/dc-uninstall
+++ b/bin/dc-uninstall
@@ -1,4 +1,4 @@
#!/bin/sh
puppet /usr/share/deltacloud-recipe/deltacloud_uninstall.pp \
- --modulepath=/usr/share/deltacloud-recipe/modules/:/usr/share/ace/modules/
+ --modulepath=/usr/share/deltacloud-recipe/modules/
diff --git a/contrib/deltacloud_recipe.spec b/contrib/deltacloud_recipe.spec
index 882013a..a598101 100644
--- a/contrib/deltacloud_recipe.spec
+++ b/contrib/deltacloud_recipe.spec
@@ -14,11 +14,6 @@ BuildRoot: %{_tmppath}/%{name}-%{version}
BuildArch: noarch
Requires: ruby
-# We only leverage the firewall module from this,
-# not worth the overhead of pulling this in, so
-# we should implmenet our own
-Requires: ace
-
# To send a request to iwhd rest interface to
# create buckets, eventually replace w/ an
# iwhd client
diff --git a/recipes/deltacloud_recipe/manifests/deltacloud.pp
b/recipes/deltacloud_recipe/manifests/deltacloud.pp
index 0924075..39563ec 100644
--- a/recipes/deltacloud_recipe/manifests/deltacloud.pp
+++ b/recipes/deltacloud_recipe/manifests/deltacloud.pp
@@ -1,11 +1,10 @@
# Deltacloud puppet definitions
import "firewall"
-
import "postgres"
import "rails"
import "selinux"
-import "time"
+import "ntp"
# Setup repos which to pull deltacloud components
define dc::repos(){
@@ -147,8 +146,7 @@ define dc::selinux(){
# Setup firewall for deltacloud
define dc::firewall(){
- firewall::setup{'deltacloud': status=>"enabled"}
- firewall_open_port{"httpd": port => "80", policy =>
"tcp"}
+ firewall::rule{"http": destination_port => '80'}
}
# TODO disable selinux until we're sure everything works w/ it enabled
@@ -176,7 +174,7 @@ define dc::service::start(){
}
'core': {
- time::sync{"deltacloud":} # we need to sync time to communicate w/ cloud
providers
+ include ntp::client # we need to sync time to communicate w/ cloud providers
file {"/etc/init.d/deltacloud-core":
source => "puppet:///deltacloud_recipe/deltacloud-core",
mode => 755 }
@@ -327,13 +325,12 @@ define dc::db(){
# to make the db that gets setup configurable
file { "/var/lib/pgsql/data/pg_hba.conf":
source => "puppet:///deltacloud_recipe/pg_hba.conf",
- require => Postgres::Initialize[init_db] }
- postgres::initialize{'init_db':}
- postgres::start{'start_db': require =>
File["/var/lib/pgsql/data/pg_hba.conf"]}
+ require => Exec["pginitdb"] }
+ include postgres::server
postgres::user{"dcloud":
password => "v23zj59an",
roles => "CREATEDB",
- require => Postgres::Start[start_db]}
+ require => Service["postgresql"]}
# Create deltacloud database
@@ -356,7 +353,9 @@ define dc::db::destroy(){
"deltacloud-condor_refreshd",
"deltacloud-dbomatic",
"deltacloud-image_builder_service"]}
- postgres::user::remove{"dcloud": require =>
Rails::Drop::Db["drop_deltacloud_database"]}
+ postgres::user{"dcloud":
+ ensure => 'dropped',
+ require => Rails::Drop::Db["drop_deltacloud_database"]}
}
# Create a new site admin aggregator web user
diff --git a/recipes/deltacloud_recipe/manifests/postgres.pp
b/recipes/deltacloud_recipe/manifests/postgres.pp
deleted file mode 100644
index 6a639b4..0000000
--- a/recipes/deltacloud_recipe/manifests/postgres.pp
+++ /dev/null
@@ -1,38 +0,0 @@
-# Some convenience routines for postgres
-
-package { ["postgresql", "postgresql-server"]:
- ensure => "installed", provider => "yum" }
-
-define postgres::initialize(){
- exec{"initialize_postgres":
- command => "/sbin/service postgresql initdb",
- unless => "/usr/bin/test -d /var/lib/pgsql/data/pg_log",
- require => Package["postgresql-server"]}
-}
-
-define postgres::start{
- service {"postgresql" :
- ensure => running,
- enable => true,
- require => Exec['initialize_postgres']}
- # XXX ugly hack, postgres takes sometime to startup even though reporting as running
- # need to pause for a bit to ensure it is running before we try to access the db
- exec{"postgresql_startup_pause":
- command => "/bin/sleep 2",
- require => Service[postgresql]
- }
-}
-
-define postgres::user($password="", $roles=""){
- exec{"create_dcloud_postgres_user":
- unless => "/usr/bin/test `psql postgres postgres -P tuples_only -c
\"select count(*) from pg_user where usename='${name}';\"` =
\"1\"",
- command => "/usr/bin/psql postgres postgres -c \
- \"CREATE USER ${name} WITH PASSWORD '${password}'
${roles}\""}
-}
-
-define postgres::user::remove($password="", $roles=""){
- exec{"remove_dcloud_postgres_user":
- onlyif => "/usr/bin/test `psql postgres postgres -P tuples_only -c
\"select count(*) from pg_user where usename='${name}';\"` =
\"1\"",
- command => "/usr/bin/psql postgres postgres -c \
- \"DROP USER ${name}\""}
-}
diff --git a/recipes/deltacloud_recipe/manifests/time.pp
b/recipes/deltacloud_recipe/manifests/time.pp
deleted file mode 100644
index c3db854..0000000
--- a/recipes/deltacloud_recipe/manifests/time.pp
+++ /dev/null
@@ -1,8 +0,0 @@
-# Some convenience routines for system time manipulation
-
-# Sync system time via ntp
-define time::sync(){
- exec{"sync_time":
- command => "/usr/sbin/ntpdate pool.ntp.org"
- }
-}
--
1.7.2.3
1:59 p.m.
New subject: [PATCH appliance 5/7] add 'modules' to file path to get rid of puppet deprication warning
---
recipes/deltacloud_recipe/manifests/deltacloud.pp | 12 ++++++------
1 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/recipes/deltacloud_recipe/manifests/deltacloud.pp
b/recipes/deltacloud_recipe/manifests/deltacloud.pp
index 39563ec..2d791a2 100644
--- a/recipes/deltacloud_recipe/manifests/deltacloud.pp
+++ b/recipes/deltacloud_recipe/manifests/deltacloud.pp
@@ -156,7 +156,7 @@ define dc::service::start(){
case $name {
'aggregator': {
file {"/var/lib/condor/condor_config.local":
- source => "puppet:///deltacloud_recipe/condor_config.local",
+ source =>
"puppet:///modules/deltacloud_recipe/condor_config.local",
require => Package['deltacloud-aggregator-daemons'] }
service { ['condor', 'httpd']:
ensure => 'running',
@@ -176,7 +176,7 @@ define dc::service::start(){
'core': {
include ntp::client # we need to sync time to communicate w/ cloud providers
file {"/etc/init.d/deltacloud-core":
- source => "puppet:///deltacloud_recipe/deltacloud-core",
+ source =>
"puppet:///modules/deltacloud_recipe/deltacloud-core",
mode => 755 }
service { 'deltacloud-core':
ensure => 'running',
@@ -202,7 +202,7 @@ define dc::service::start(){
'image-factory': {
dc::configure_boxgrinder{'conf_bxg':}
file { "/etc/qpidd.conf":
- source => "puppet:///deltacloud_recipe/qpidd.conf",
+ source =>
"puppet:///modules/deltacloud_recipe/qpidd.conf",
mode => 644 }
service {'qpidd':
ensure => 'running',
@@ -210,7 +210,7 @@ define dc::service::start(){
require => [File['/etc/qpidd.conf'],
Package['deltacloud-aggregator-daemons']]}
file { "/etc/imagefactory.yml":
- source => "puppet:///deltacloud_recipe/imagefactory.yml",
+ source =>
"puppet:///modules/deltacloud_recipe/imagefactory.yml",
mode => 644 }
$requires = [Package['rubygem-deltacloud-image-builder-agent'],
Package['deltacloud-aggregator-daemons'],
@@ -297,7 +297,7 @@ define dc::configure_boxgrinder(){
ensure => "directory",
require => File["/root/.boxgrinder"]}
file { "/root/.boxgrinder/plugins/local":
- source =>
"puppet:///deltacloud_recipe/root-boxgrinder-plugins-local",
+ source =>
"puppet:///modules/deltacloud_recipe/root-boxgrinder-plugins-local",
mode => 644 }
}
@@ -324,7 +324,7 @@ define dc::db(){
# Right now we configure and start postgres, at some point I want
# to make the db that gets setup configurable
file { "/var/lib/pgsql/data/pg_hba.conf":
- source => "puppet:///deltacloud_recipe/pg_hba.conf",
+ source => "puppet:///modules/deltacloud_recipe/pg_hba.conf",
require => Exec["pginitdb"] }
include postgres::server
postgres::user{"dcloud":
--
1.7.2.3
1:59 p.m.
New subject: [PATCH appliance 6/7] refactor recipe from an action based to a state based solution
bringing it more inline w/ how puppet normally works
---
recipes/deltacloud_recipe/deltacloud_recipe.pp | 27 +-
recipes/deltacloud_recipe/deltacloud_uninstall.pp | 19 +-
recipes/deltacloud_recipe/manifests/aggregator.pp | 187 ++++++++++
recipes/deltacloud_recipe/manifests/core.pp | 33 ++
recipes/deltacloud_recipe/manifests/deltacloud.pp | 368 +-------------------
.../deltacloud_recipe/manifests/image-factory.pp | 80 +++++
recipes/deltacloud_recipe/manifests/iwhd.pp | 40 +++
7 files changed, 360 insertions(+), 394 deletions(-)
create mode 100644 recipes/deltacloud_recipe/manifests/aggregator.pp
create mode 100644 recipes/deltacloud_recipe/manifests/core.pp
create mode 100644 recipes/deltacloud_recipe/manifests/image-factory.pp
create mode 100644 recipes/deltacloud_recipe/manifests/iwhd.pp
diff --git a/recipes/deltacloud_recipe/deltacloud_recipe.pp
b/recipes/deltacloud_recipe/deltacloud_recipe.pp
index d7e8765..83c8037 100644
--- a/recipes/deltacloud_recipe/deltacloud_recipe.pp
+++ b/recipes/deltacloud_recipe/deltacloud_recipe.pp
@@ -25,30 +25,17 @@
# Modules used by the recipe
import "deltacloud_recipe/deltacloud"
-# setup the deltacloud repositories
-dc::repos{"deltacloud":}
-
-# install deltacloud components
-dc::package::install{["aggregator", "core"]:
- require => Dc::Repos["deltacloud"]}
-
-# setup selinux
-dc::selinux{'deltacloud':}
-
-# setup the firewall
-dc::firewall{'deltacloud':}
-
-# setup deltacloud db
-dc::db{"postgres":}
-
-# start deltacloud services
-dc::service::start{["aggregator", "core", 'iwhd',
'image-factory']:}
+# include the various deltacloud components
+include deltacloud::aggregator
+include deltacloud::core
+include deltacloud::image-factory
+include deltacloud::iwhd
# create bucket in image warehouse
-dc::create_bucket{"deltacloud":}
+deltacloud::create_bucket{"deltacloud":}
# Create dcuser aggregator web user
-dc::site_admin{"admin":
+deltacloud::site_admin{"admin":
email => 'dcuser(a)deltacloud.org',
password => 'password',
first_name => 'deltacloud',
diff --git a/recipes/deltacloud_recipe/deltacloud_uninstall.pp
b/recipes/deltacloud_recipe/deltacloud_uninstall.pp
index b39d423..013f669 100644
--- a/recipes/deltacloud_recipe/deltacloud_uninstall.pp
+++ b/recipes/deltacloud_recipe/deltacloud_uninstall.pp
@@ -25,17 +25,8 @@
# Modules used by the recipe
import "deltacloud_recipe/deltacloud"
-$packages = ["aggregator", "core"]
-
-# stop deltacloud services
-dc::service::stop{["aggregator", "core", 'iwhd',
'image-factory']:}
-
-# destroy deltacloud db
-dc::db::destroy{"postgres":
- require => Dc::Service::Stop['aggregator']}
-
-# install deltacloud components
-dc::package::uninstall{$packages:
- require => Dc::Db::Destroy['postgres']}
-
-dc::cleanup{"deltacloud": require => Dc::Package::Uninstall[$packages]}
+# disable the various deltacloud components
+include deltacloud::aggregator::disabled
+include deltacloud::core::disabled
+include deltacloud::iwhd::disabled
+include deltacloud::image-factory::disabled
diff --git a/recipes/deltacloud_recipe/manifests/aggregator.pp
b/recipes/deltacloud_recipe/manifests/aggregator.pp
new file mode 100644
index 0000000..0072a0f
--- /dev/null
+++ b/recipes/deltacloud_recipe/manifests/aggregator.pp
@@ -0,0 +1,187 @@
+# Deltacloud aggregator puppet definitions
+
+class deltacloud::aggregator inherits deltacloud {
+ ### Install the deltacloud components
+ # specific versions of these two packages are needed and we need to pull the third
in
+ package { 'python-imgcreate':
+ provider => 'rpm', ensure => installed,
+ source =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/x86_64/python-imgcreate-031-1.fc12.1.x86_64.rpm'}
+ package { 'livecd-tools':
+ provider => 'rpm', ensure => installed,
+ source =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/x86_64/livecd-tools-031-1.fc12.1.x86_64.rpm',
+ require => Package['python-imgcreate']}
+ package { 'appliance-tools':
+ provider => 'yum', ensure => installed,
+ require => Package["livecd-tools",
"python-imgcreate"]}
+
+ # TODO: Fix me, find a better way to do this...
+ # We need to also install this rpm from amazon
+ package{"ec2-ami-tools":
+ provider => "rpm",
+ source =>
"http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.noarch.rpm",
+ ensure => 'installed' }
+
+ package { 'rubygem-deltacloud-client':
+ provider => 'yum', ensure => 'installed' }
+ package { 'rubygem-deltacloud-image-builder-agent':
+ provider => 'yum', ensure => 'installed',
+ require => Package['appliance-tools',
'livecd-tools', 'python-imgcreate', 'ec2-ami-tools']}
+ package { 'iwhd':
+ provider => 'yum', ensure => 'installed' }
+
+
+ package {['deltacloud-aggregator',
+ 'deltacloud-aggregator-daemons',
+ 'deltacloud-aggregator-doc']:
+ provider => 'yum', ensure => 'installed',
+ require => Package['rubygem-deltacloud-client',
+ 'rubygem-deltacloud-image-builder-agent',
+ 'iwhd']}
+
+ ### Setup selinux for deltacloud
+ selinux::mode{"permissive":}
+
+ ### Setup firewall for deltacloud
+ firewall::rule{"http": destination_port => '80'}
+
+ ### Start the deltacloud services
+ file {"/var/lib/condor/condor_config.local":
+ source =>
"puppet:///modules/deltacloud_recipe/condor_config.local",
+ require => Package['deltacloud-aggregator-daemons'] }
+ service { ['condor', 'httpd']:
+ ensure => 'running',
+ enable => true,
+ require => File['/var/lib/condor/condor_config.local'] }
+ service { ['deltacloud-aggregator',
+ 'deltacloud-condor_refreshd',
+ 'deltacloud-dbomatic']:
+ ensure => 'running',
+ enable => true,
+ hasstatus => true,
+ require => [Package['deltacloud-aggregator-daemons'],
+ Rails::Migrate::Db[migrate_deltacloud_database],
+ Service[condor]] }
+
+ ### Initialize and start the deltacloud database
+ # Right now we configure and start postgres, at some point I want
+ # to make the db that gets setup configurable
+ include postgres::server
+ file { "/var/lib/pgsql/data/pg_hba.conf":
+ source => "puppet:///modules/deltacloud_recipe/pg_hba.conf",
+ require => Exec["pginitdb"] }
+ postgres::user{"dcloud":
+ password => "v23zj59an",
+ roles => "CREATEDB",
+ require => Service["postgresql"]}
+
+
+ # Create deltacloud database
+ rails::create::db{"create_deltacloud_database":
+ cwd => "/usr/share/deltacloud-aggregator",
+ rails_env => "production",
+ require => [Postgres::User[dcloud],
Package['deltacloud-aggregator']]}
+ rails::migrate::db{"migrate_deltacloud_database":
+ cwd => "/usr/share/deltacloud-aggregator",
+ rails_env => "production",
+ require => Rails::Create::Db[create_deltacloud_database]}
+}
+
+class deltacloud::aggregator::disabled {
+ ### Uninstall the deltacloud components
+ package {['deltacloud-aggregator-daemons',
+ 'deltacloud-aggregator-doc']:
+ provider => 'yum', ensure => 'absent',
+ require => Service['deltacloud-aggregator',
+ 'deltacloud-condor_refreshd',
+ 'deltacloud-dbomatic',
+ 'imagefactoryd',
+ 'deltacloud-image_builder_service']}
+
+ package {'deltacloud-aggregator':
+ provider => 'yum', ensure => 'absent',
+ require => Package['deltacloud-aggregator-daemons',
+ 'deltacloud-aggregator-doc'] }
+ package { 'rubygem-deltacloud-client':
+ provider => 'yum', ensure => 'absent',
+ require => Package['deltacloud-aggregator']}
+ package { 'rubygem-deltacloud-image-builder-agent':
+ provider => 'yum', ensure => 'absent',
+ require => Package['deltacloud-aggregator']}
+ package { 'iwhd':
+ provider => 'yum', ensure => 'absent',
+ require => [Package['deltacloud-aggregator'],
Service['iwhd']]}
+
+ # FIXME these lingering dependencies, pulled in for
+ # rubygem-deltacloud-image-builder-agent, need to be removed as
+ # ec2-ami-tools and appliance-tools depend on them and using
+ # 'absent' in the context of the 'yum' provider dispatches
+ # to 'rpm -e' instead of 'yum erase'
+ package { ['rubygem-boxgrinder-build-ec2-platform-plugin',
+ 'rubygem-boxgrinder-build-centos-os-plugin',
+ 'rubygem-boxgrinder-build-fedora-os-plugin']:
+ provider => "yum", ensure => 'absent',
+ require => Package['rubygem-deltacloud-image-builder-agent']}
+ package { 'rubygem-boxgrinder-build-rhel-os-plugin':
+ provider => "yum", ensure => 'absent',
+ require =>
Package['rubygem-boxgrinder-build-centos-os-plugin']}
+ package { 'rubygem-boxgrinder-build-rpm-based-os-plugin':
+ provider => "yum", ensure => 'absent',
+ require => Package['rubygem-boxgrinder-build-rhel-os-plugin',
+ 'rubygem-boxgrinder-build-fedora-os-plugin']}
+
+ package { 'ec2-ami-tools':
+ provider => "yum", ensure => 'absent',
+ require =>
Package['rubygem-boxgrinder-build-ec2-platform-plugin']}
+ package { 'appliance-tools':
+ provider => 'yum', ensure => 'absent',
+ require =>
Package['rubygem-boxgrinder-build-rpm-based-os-plugin']}
+ package { 'livecd-tools':
+ provider => 'yum', ensure => 'absent',
+ require => Package['appliance-tools']}
+ package { 'python-imgcreate':
+ provider => 'yum', ensure => 'absent',
+ require => Package['appliance-tools',
'livecd-tools']}
+
+
+ ### Stop the deltacloud services
+ service { ['condor', 'httpd']:
+ ensure => 'stopped',
+ enable => false,
+ require => Service['deltacloud-aggregator',
+ 'deltacloud-condor_refreshd',
+ 'deltacloud-dbomatic'] }
+ service { ['deltacloud-aggregator',
+ 'deltacloud-condor_refreshd',
+ 'deltacloud-dbomatic']:
+ ensure => 'stopped',
+ enable => false,
+ hasstatus => true }
+
+ ### Destroy the deltacloud database
+ rails::drop::db{"drop_deltacloud_database":
+ cwd => "/usr/share/deltacloud-aggregator",
+ rails_env => "production",
+ require => Service["deltacloud-aggregator",
+ "deltacloud-condor_refreshd",
+ "deltacloud-dbomatic",
+ "deltacloud-image_builder_service"]}
+ postgres::user{"dcloud":
+ ensure => 'dropped',
+ require => Rails::Drop::Db["drop_deltacloud_database"]}
+}
+
+# Create a new site admin aggregator web user
+define deltacloud::site_admin($email="", $password="",
$first_name="", $last_name=""){
+ exec{"create_site_admin_user":
+ cwd => '/usr/share/deltacloud-aggregator',
+ environment => "RAILS_ENV=production",
+ command => "/usr/bin/rake dc:create_user[${name}] email=${email}
password=${password} first_name=${first_name} last_name=${last_name}",
+ unless => "/usr/bin/test `psql dcloud dcloud -P tuples_only -c
\"select count(*) from users where login = '${name}';\"` =
\"1\"",
+ require => Rails::Migrate::Db["migrate_deltacloud_database"]}
+ exec{"grant_site_admin_privs":
+ cwd => '/usr/share/deltacloud-aggregator',
+ environment => "RAILS_ENV=production",
+ command => "/usr/bin/rake dc:site_admin[${name}]",
+ unless => "/usr/bin/test `psql dcloud dcloud -P tuples_only -c
\"select count(*) FROM roles INNER JOIN permissions ON (roles.id =
permissions.role_id) INNER JOIN users ON (permissions.user_id = users.id) where roles.name
= 'Administrator' AND users.login = '${name}';\"` =
\"1\"",
+ require => Exec[create_site_admin_user]}
+}
diff --git a/recipes/deltacloud_recipe/manifests/core.pp
b/recipes/deltacloud_recipe/manifests/core.pp
new file mode 100644
index 0000000..381e76f
--- /dev/null
+++ b/recipes/deltacloud_recipe/manifests/core.pp
@@ -0,0 +1,33 @@
+# Deltacloud core puppet definitions
+
+class deltacloud::core inherits deltacloud {
+ ### Install the deltacloud components
+ package { 'rubygem-deltacloud-core':
+ provider => 'yum', ensure => 'installed'}
+ file { "/var/log/deltacloud-core": ensure => 'directory' }
+
+ ### we need to sync time to communicate w/ cloud providers
+ include ntp::client
+
+ ### Start the deltacloud services
+ file {"/etc/init.d/deltacloud-core":
+ source => "puppet:///modules/deltacloud_recipe/deltacloud-core",
+ mode => 755 }
+ service { 'deltacloud-core':
+ ensure => 'running',
+ enable => true,
+ require => [Package['rubygem-deltacloud-core'],
+ File['/etc/init.d/deltacloud-core']] }
+}
+
+class deltacloud::core::disabled {
+ ### Uninstall the deltacloud components
+ package { 'rubygem-deltacloud-core':
+ provider => 'yum', ensure => 'absent',
+ require => Service['deltacloud-core']}
+
+ ### Stop the deltacloud services
+ service { 'deltacloud-core':
+ ensure => 'stopped',
+ enable => false}
+}
diff --git a/recipes/deltacloud_recipe/manifests/deltacloud.pp
b/recipes/deltacloud_recipe/manifests/deltacloud.pp
index 2d791a2..5746ccd 100644
--- a/recipes/deltacloud_recipe/manifests/deltacloud.pp
+++ b/recipes/deltacloud_recipe/manifests/deltacloud.pp
@@ -6,8 +6,14 @@ import "rails"
import "selinux"
import "ntp"
-# Setup repos which to pull deltacloud components
-define dc::repos(){
+import "aggregator"
+import "core"
+import "iwhd"
+import "image-factory"
+
+# Base deltacloud class
+class deltacloud {
+ # Setup repos which to pull deltacloud components
yumrepo{"${name}_arch":
name => "${name}_arch",
baseurl =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-$releasever/$basearch',
@@ -21,361 +27,3 @@ define dc::repos(){
baseurl =>
'http://repos.fedorapeople.org/repos/pulp/pulp/fedora-13/$basearch/',
enabled => 1, gpgcheck => 0}
}
-
-# Install the deltacloud components
-define dc::package::install(){
- case $name {
- 'aggregator': {
- # specific versions of these two packages are needed and we need to pull the third
in
- package { 'python-imgcreate':
- provider => 'rpm', ensure => installed,
- source =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/x86_64/python-imgcreate-031-1.fc12.1.x86_64.rpm'}
- package { 'livecd-tools':
- provider => 'rpm', ensure => installed,
- source =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/x86_64/livecd-tools-031-1.fc12.1.x86_64.rpm',
- require => Package['python-imgcreate']}
- package { 'appliance-tools':
- provider => 'yum', ensure => installed,
- require => Package["livecd-tools",
"python-imgcreate"] }
-
- # TODO: Fix me, find a better way to do this...
- # We need to also install this rpm from amazon
- package{"ec2-ami-tools":
- provider => "rpm",
- source =>
"http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.noarch.rpm",
- ensure => 'installed' }
-
- package { 'rubygem-deltacloud-client':
- provider => 'yum', ensure => 'installed' }
- package { 'rubygem-deltacloud-image-builder-agent':
- provider => 'yum', ensure => 'installed',
- require => Package['appliance-tools',
'livecd-tools', 'python-imgcreate', 'ec2-ami-tools']}
- package { 'iwhd':
- provider => 'yum', ensure => 'installed' }
-
-
- package {['deltacloud-aggregator',
- 'deltacloud-aggregator-daemons',
- 'deltacloud-aggregator-doc']:
- provider => 'yum', ensure => 'installed',
- require => Package['rubygem-deltacloud-client',
- 'rubygem-deltacloud-image-builder-agent',
- 'iwhd']}
- }
-
- 'core': {
- package { 'rubygem-deltacloud-core':
- provider => 'yum', ensure => 'installed'}
- file { "/var/log/deltacloud-core": ensure => 'directory' }
- }
- }
-}
-
-# Uninstall the deltacloud components
-define dc::package::uninstall(){
- case $name {
- 'aggregator': {
- package {['deltacloud-aggregator-daemons',
- 'deltacloud-aggregator-doc']:
- provider => 'yum', ensure => 'absent',
- require => Service['deltacloud-aggregator',
- 'deltacloud-condor_refreshd',
- 'deltacloud-dbomatic',
- 'imagefactoryd',
- 'deltacloud-image_builder_service']}
-
- package {'deltacloud-aggregator':
- provider => 'yum', ensure => 'absent',
- require => Package['deltacloud-aggregator-daemons',
- 'deltacloud-aggregator-doc'] }
- package { 'rubygem-deltacloud-client':
- provider => 'yum', ensure => 'absent',
- require => Package['deltacloud-aggregator']}
- package { 'rubygem-deltacloud-image-builder-agent':
- provider => 'yum', ensure => 'absent',
- require => Package['deltacloud-aggregator']}
- package { 'iwhd':
- provider => 'yum', ensure => 'absent',
- require => [Package['deltacloud-aggregator'],
Service['iwhd']]}
-
- # FIXME these lingering dependencies, pulled in for
- # rubygem-deltacloud-image-builder-agent, need to be removed as
- # ec2-ami-tools and appliance-tools depend on them and using
- # 'absent' in the context of the 'yum' provider dispatches
- # to 'rpm -e' instead of 'yum erase'
- package { ['rubygem-boxgrinder-build-ec2-platform-plugin',
- 'rubygem-boxgrinder-build-centos-os-plugin',
- 'rubygem-boxgrinder-build-fedora-os-plugin']:
- provider => "yum", ensure => 'absent',
- require =>
Package['rubygem-deltacloud-image-builder-agent']}
- package { 'rubygem-boxgrinder-build-rhel-os-plugin':
- provider => "yum", ensure => 'absent',
- require =>
Package['rubygem-boxgrinder-build-centos-os-plugin']}
- package { 'rubygem-boxgrinder-build-rpm-based-os-plugin':
- provider => "yum", ensure => 'absent',
- require =>
Package['rubygem-boxgrinder-build-rhel-os-plugin',
-
'rubygem-boxgrinder-build-fedora-os-plugin']}
-
- package { 'ec2-ami-tools':
- provider => "yum", ensure => 'absent',
- require =>
Package['rubygem-boxgrinder-build-ec2-platform-plugin']}
- package { 'appliance-tools':
- provider => 'yum', ensure => 'absent',
- require =>
Package['rubygem-boxgrinder-build-rpm-based-os-plugin']}
- package { 'livecd-tools':
- provider => 'yum', ensure => 'absent',
- require => Package['appliance-tools']}
- package { 'python-imgcreate':
- provider => 'yum', ensure => 'absent',
- require => Package['appliance-tools',
'livecd-tools']}
-
- }
-
- 'core': {
- package { 'rubygem-deltacloud-core':
- provider => 'yum', ensure => 'absent',
- require => Service['deltacloud-core']}
- }
- }
-}
-
-# Setup selinux for deltacloud
-define dc::selinux(){
- selinux::mode{"permissive":}
-}
-
-# Setup firewall for deltacloud
-define dc::firewall(){
- firewall::rule{"http": destination_port => '80'}
-}
-
-# TODO disable selinux until we're sure everything works w/ it enabled
-
-# Start the deltacloud services
-define dc::service::start(){
- case $name {
- 'aggregator': {
- file {"/var/lib/condor/condor_config.local":
- source =>
"puppet:///modules/deltacloud_recipe/condor_config.local",
- require => Package['deltacloud-aggregator-daemons'] }
- service { ['condor', 'httpd']:
- ensure => 'running',
- enable => true,
- require => File['/var/lib/condor/condor_config.local'] }
- service { ['deltacloud-aggregator',
- 'deltacloud-condor_refreshd',
- 'deltacloud-dbomatic']:
- ensure => 'running',
- enable => true,
- hasstatus => true,
- require => [Package['deltacloud-aggregator-daemons'],
- Rails::Migrate::Db[migrate_deltacloud_database],
- Service[condor]] }
- }
-
- 'core': {
- include ntp::client # we need to sync time to communicate w/ cloud providers
- file {"/etc/init.d/deltacloud-core":
- source =>
"puppet:///modules/deltacloud_recipe/deltacloud-core",
- mode => 755 }
- service { 'deltacloud-core':
- ensure => 'running',
- enable => true,
- require => [Package['rubygem-deltacloud-core'],
- File['/etc/init.d/deltacloud-core']] }
- }
-
- 'iwhd': {
- file { "/data": ensure => 'directory' }
- file { "/data/db": ensure => 'directory' }
- service { 'mongod':
- ensure => 'running',
- enable => true,
- require => [Package['iwhd'], File["/data/db"]]}
- service { 'iwhd':
- ensure => 'running',
- enable => true,
- require => [Package['iwhd'],
- Service[mongod]]}
- }
-
- 'image-factory': {
- dc::configure_boxgrinder{'conf_bxg':}
- file { "/etc/qpidd.conf":
- source =>
"puppet:///modules/deltacloud_recipe/qpidd.conf",
- mode => 644 }
- service {'qpidd':
- ensure => 'running',
- enable => true,
- require => [File['/etc/qpidd.conf'],
- Package['deltacloud-aggregator-daemons']]}
- file { "/etc/imagefactory.yml":
- source =>
"puppet:///modules/deltacloud_recipe/imagefactory.yml",
- mode => 644 }
- $requires = [Package['rubygem-deltacloud-image-builder-agent'],
- Package['deltacloud-aggregator-daemons'],
- File['/etc/imagefactory.yml'],
- Service[qpidd],
- Rails::Migrate::Db[migrate_deltacloud_database],
- Dc::Configure_boxgrinder['conf_bxg']]
- service { 'imagefactoryd':
- ensure => 'running',
- enable => true,
- require => $requires}
- service { 'deltacloud-image_builder_service':
- ensure => 'running',
- enable => true,
- hasstatus => true,
- require => $requires}
- }
- }
-}
-
-# Stop the deltacloud services
-define dc::service::stop(){
- case $name {
- 'aggregator': {
- service { ['condor', 'httpd']:
- ensure => 'stopped',
- enable => false,
- require => Service['deltacloud-aggregator',
- 'deltacloud-condor_refreshd',
- 'deltacloud-dbomatic'] }
- service { ['deltacloud-aggregator',
- 'deltacloud-condor_refreshd',
- 'deltacloud-dbomatic']:
- ensure => 'stopped',
- enable => false,
- hasstatus => true }
- }
-
- 'core': {
- service { 'deltacloud-core':
- ensure => 'stopped',
- enable => false}
- }
-
- 'iwhd': {
- service { 'mongod':
- ensure => 'stopped',
- enable => false,
- require => Service[iwhd]}
- service { 'iwhd':
- ensure => 'stopped',
- enable => false}
- }
-
- 'image-factory': {
- service {'qpidd':
- ensure => 'stopped',
- enable => false,
- require => Service['imagefactoryd',
'deltacloud-image_builder_service']}
-
- service { 'imagefactoryd':
- ensure => 'stopped',
- enable => false}
-
- service { 'deltacloud-image_builder_service':
- ensure => 'stopped',
- hasstatus => true,
- enable => false}
- }
- }
-}
-
-# Configure boxgrinder, this should go into the boxgrinder rpms eventually
-define dc::configure_boxgrinder(){
- file { "/boxgrinder": ensure => "directory"}
- file { "/boxgrinder/appliances":
- ensure => "directory",
- require => File["/boxgrinder"]}
- file { "/boxgrinder/packaged_builders":
- ensure => "directory",
- require => File["/boxgrinder"]}
- file { "/root/.boxgrinder": ensure => "directory"}
- file { "/root/.boxgrinder/plugins":
- ensure => "directory",
- require => File["/root/.boxgrinder"]}
- file { "/root/.boxgrinder/plugins/local":
- source =>
"puppet:///modules/deltacloud_recipe/root-boxgrinder-plugins-local",
- mode => 644 }
-}
-
-# Configure pulp to fetch from Fedora
-# TODO uncomment when factory/warehouse uses pulp
-#exec{"pulp_fedora_config":
-# command => "/usr/bin/pulp-admin -u admin -p admin repo create
--id=fedora-repo --feed
yum:http://download.fedora.redhat.com/pub/fedora/linux/updates/13/x86_64/...
-#}
-
-# Create a named bucket in iwhd
-define dc::create_bucket(){
- package{'curl': ensure => 'installed'}
- # XXX ugly hack but iwhd might take some time to come up
- exec{"iwhd_startup_pause":
- command => "/bin/sleep 2",
- require => Service[iwhd]}
- exec{"create-bucket-${name}":
- command => "/usr/bin/curl -X PUT http://localhost:9090/templates";,
- require => [Exec['iwhd_startup_pause'], Package[curl]] }
-}
-
-# Initialize and start the deltacloud database
-define dc::db(){
- # Right now we configure and start postgres, at some point I want
- # to make the db that gets setup configurable
- file { "/var/lib/pgsql/data/pg_hba.conf":
- source => "puppet:///modules/deltacloud_recipe/pg_hba.conf",
- require => Exec["pginitdb"] }
- include postgres::server
- postgres::user{"dcloud":
- password => "v23zj59an",
- roles => "CREATEDB",
- require => Service["postgresql"]}
-
-
- # Create deltacloud database
- rails::create::db{"create_deltacloud_database":
- cwd => "/usr/share/deltacloud-aggregator",
- rails_env => "production",
- require => [Postgres::User[dcloud],
Package['deltacloud-aggregator']]}
- rails::migrate::db{"migrate_deltacloud_database":
- cwd => "/usr/share/deltacloud-aggregator",
- rails_env => "production",
- require => Rails::Create::Db[create_deltacloud_database]}
-}
-
-# Destroy the deltacloud database
-define dc::db::destroy(){
- rails::drop::db{"drop_deltacloud_database":
- cwd => "/usr/share/deltacloud-aggregator",
- rails_env => "production",
- require => Service["deltacloud-aggregator",
- "deltacloud-condor_refreshd",
- "deltacloud-dbomatic",
- "deltacloud-image_builder_service"]}
- postgres::user{"dcloud":
- ensure => 'dropped',
- require => Rails::Drop::Db["drop_deltacloud_database"]}
-}
-
-# Create a new site admin aggregator web user
-define dc::site_admin($email="", $password="",
$first_name="", $last_name=""){
- exec{"create_site_admin_user":
- cwd => '/usr/share/deltacloud-aggregator',
- environment => "RAILS_ENV=production",
- command => "/usr/bin/rake dc:create_user[${name}] email=${email}
password=${password} first_name=${first_name} last_name=${last_name}",
- unless => "/usr/bin/test `psql dcloud dcloud -P tuples_only -c
\"select count(*) from users where login = '${name}';\"` =
\"1\"",
- require => Rails::Migrate::Db["migrate_deltacloud_database"]}
- exec{"grant_site_admin_privs":
- cwd => '/usr/share/deltacloud-aggregator',
- environment => "RAILS_ENV=production",
- command => "/usr/bin/rake dc:site_admin[${name}]",
- unless => "/usr/bin/test `psql dcloud dcloud -P tuples_only -c
\"select count(*) FROM roles INNER JOIN permissions ON (roles.id =
permissions.role_id) INNER JOIN users ON (permissions.user_id = users.id) where roles.name
= 'Administrator' AND users.login = '${name}';\"` =
\"1\"",
- require => Exec[create_site_admin_user]}
-}
-
-# Destroy and cleanup deltacloud artifacts
-define dc::cleanup(){
- exec{"remove_deltacloud_templates": command => "/bin/rm -rf
/templates"}
- exec{"remove_boxgrinder_dir": command => "/bin/rm -rf
/boxgrinder"}
-}
diff --git a/recipes/deltacloud_recipe/manifests/image-factory.pp
b/recipes/deltacloud_recipe/manifests/image-factory.pp
new file mode 100644
index 0000000..0888dd8
--- /dev/null
+++ b/recipes/deltacloud_recipe/manifests/image-factory.pp
@@ -0,0 +1,80 @@
+# Deltacloud image factory puppet definitions
+
+class deltacloud::image-factory inherits deltacloud {
+ ### Configure boxgrinder, this should go into the boxgrinder rpms eventually
+ file { "/boxgrinder": ensure => "directory"}
+ file { "/boxgrinder/appliances":
+ ensure => "directory",
+ require => File["/boxgrinder"]}
+ file { "/boxgrinder/packaged_builders":
+ ensure => "directory",
+ require => File["/boxgrinder"]}
+ file { "/root/.boxgrinder": ensure => "directory"}
+ file { "/root/.boxgrinder/plugins":
+ ensure => "directory",
+ require => File["/root/.boxgrinder"]}
+ file { "/root/.boxgrinder/plugins/local":
+ source =>
"puppet:///modules/deltacloud_recipe/root-boxgrinder-plugins-local",
+ mode => 644,
+ require => File["/root/.boxgrinder/plugins"]}
+ notify { 'boxgrinder_configured':
+ message => 'boxgrinder successfully configured',
+ require => File['/root/.boxgrinder/plugins/local',
+ '/boxgrinder/packaged_builders',
+ '/boxgrinder/appliances'] }
+
+ ### Configure pulp to fetch from Fedora
+ # TODO uncomment when factory/warehouse uses pulp
+ #exec{"pulp_fedora_config":
+ # command => "/usr/bin/pulp-admin -u admin -p admin repo create
--id=fedora-repo --feed
yum:http://download.fedora.redhat.com/pub/fedora/linux/updates/13/x86_64/...
+ #}
+
+ ### Start the deltacloud services
+ file { "/etc/qpidd.conf":
+ source => "puppet:///modules/deltacloud_recipe/qpidd.conf",
+ mode => 644 }
+ service {'qpidd':
+ ensure => 'running',
+ enable => true,
+ require => [File['/etc/qpidd.conf'],
+ Package['deltacloud-aggregator-daemons']]}
+ file { "/etc/imagefactory.yml":
+ source =>
"puppet:///modules/deltacloud_recipe/imagefactory.yml",
+ mode => 644 }
+ $requires = [Package['rubygem-deltacloud-image-builder-agent'],
+ Package['deltacloud-aggregator-daemons'],
+ File['/etc/imagefactory.yml'],
+ Service[qpidd],
+ Rails::Migrate::Db[migrate_deltacloud_database],
+ Notify['boxgrinder_configured']]
+ service { 'imagefactoryd':
+ ensure => 'running',
+ enable => true,
+ require => $requires}
+ service { 'deltacloud-image_builder_service':
+ ensure => 'running',
+ enable => true,
+ hasstatus => true,
+ require => $requires}
+}
+
+class deltacloud::image-factory::disabled {
+ ### Stop the deltacloud services
+ service {'qpidd':
+ ensure => 'stopped',
+ enable => false,
+ require => Service['imagefactoryd',
'deltacloud-image_builder_service']}
+
+ service { 'imagefactoryd':
+ ensure => 'stopped',
+ enable => false}
+
+ service { 'deltacloud-image_builder_service':
+ ensure => 'stopped',
+ hasstatus => true,
+ enable => false}
+
+ ### Destroy and cleanup deltacloud artifacts
+ exec{"remove_deltacloud_templates": command => "/bin/rm -rf
/templates"}
+ exec{"remove_boxgrinder_dir": command => "/bin/rm -rf
/boxgrinder"}
+}
diff --git a/recipes/deltacloud_recipe/manifests/iwhd.pp
b/recipes/deltacloud_recipe/manifests/iwhd.pp
new file mode 100644
index 0000000..9711b75
--- /dev/null
+++ b/recipes/deltacloud_recipe/manifests/iwhd.pp
@@ -0,0 +1,40 @@
+# Deltacloud iwhd puppet definitions
+
+class deltacloud::iwhd inherits deltacloud {
+ ### Start the deltacloud services
+ file { "/data": ensure => 'directory' }
+ file { "/data/db": ensure => 'directory' }
+ service { 'mongod':
+ ensure => 'running',
+ enable => true,
+ require => [Package['iwhd'], File["/data/db"]]}
+ service { 'iwhd':
+ ensure => 'running',
+ enable => true,
+ require => [Package['iwhd'],
+ Service[mongod]]}
+}
+
+class deltacloud::iwhd::disabled {
+ ### Stop the deltacloud services
+ service { 'mongod':
+ ensure => 'stopped',
+ enable => false,
+ require => Service[iwhd]}
+ service { 'iwhd':
+ ensure => 'stopped',
+ enable => false,
+ hasstatus => true}
+}
+
+# Create a named bucket in iwhd
+define deltacloud::create_bucket(){
+ package{'curl': ensure => 'installed'}
+ # XXX ugly hack but iwhd might take some time to come up
+ exec{"iwhd_startup_pause":
+ command => "/bin/sleep 2",
+ require => Service[iwhd]}
+ exec{"create-bucket-${name}":
+ command => "/usr/bin/curl -X PUT http://localhost:9090/templates";,
+ require => [Exec['iwhd_startup_pause'], Package[curl]] }
+}
--
1.7.2.3
1:59 p.m.
New subject: [PATCH appliance 7/7] various fixes
- move packages from aggregator to other components
which they belong in
- ensure rails db is dropped before uninstalling
aggregator packages
- cleanup iwhd delay so that it only occurs after
iwhd is launched and not on every bucket creation
- small fix to iwhd service to make use of service status
- small fix to postgres module to initialize db w/ UTF8
---
contrib/deltacloud_recipe.spec | 7 ++-
recipes/deltacloud_recipe/manifests/aggregator.pp | 68 +------------------
.../deltacloud_recipe/manifests/image-factory.pp | 63 ++++++++++++++++++
recipes/deltacloud_recipe/manifests/iwhd.pp | 21 +++++-
recipes/postgres/manifests/init.pp | 2 +-
5 files changed, 91 insertions(+), 70 deletions(-)
diff --git a/contrib/deltacloud_recipe.spec b/contrib/deltacloud_recipe.spec
index a598101..02ed945 100644
--- a/contrib/deltacloud_recipe.spec
+++ b/contrib/deltacloud_recipe.spec
@@ -3,7 +3,7 @@
Summary: DeltaCloud Puppet Recipe
Name: deltacloud_recipe
-Version: 0.0.3
+Version: 0.0.4
Release: 1%{?dist}
Group: Applications/Internet
@@ -49,6 +49,11 @@ rm -rf %{buildroot}
%{dchome}
%changelog
+* Wed Dec 22 2010 Mohammed Morsi <mmorsi(a)redhat.com> 0.0.4-1
+- Revamp deltacloud recipe to make it more puppetized,
+ use general purpose firewall, postgres, ntp modules,
+ and to fix many various things
+
* Wed Sep 29 2010 Mohammed Morsi <mmorsi(a)redhat.com> 0.0.3-1
- Renamed package from deltacloud appliance
- to deltacloud recipe
diff --git a/recipes/deltacloud_recipe/manifests/aggregator.pp
b/recipes/deltacloud_recipe/manifests/aggregator.pp
index 0072a0f..2be247c 100644
--- a/recipes/deltacloud_recipe/manifests/aggregator.pp
+++ b/recipes/deltacloud_recipe/manifests/aggregator.pp
@@ -3,32 +3,8 @@
class deltacloud::aggregator inherits deltacloud {
### Install the deltacloud components
# specific versions of these two packages are needed and we need to pull the third
in
- package { 'python-imgcreate':
- provider => 'rpm', ensure => installed,
- source =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/x86_64/python-imgcreate-031-1.fc12.1.x86_64.rpm'}
- package { 'livecd-tools':
- provider => 'rpm', ensure => installed,
- source =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/x86_64/livecd-tools-031-1.fc12.1.x86_64.rpm',
- require => Package['python-imgcreate']}
- package { 'appliance-tools':
- provider => 'yum', ensure => installed,
- require => Package["livecd-tools",
"python-imgcreate"]}
-
- # TODO: Fix me, find a better way to do this...
- # We need to also install this rpm from amazon
- package{"ec2-ami-tools":
- provider => "rpm",
- source =>
"http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.noarch.rpm",
- ensure => 'installed' }
-
package { 'rubygem-deltacloud-client':
provider => 'yum', ensure => 'installed' }
- package { 'rubygem-deltacloud-image-builder-agent':
- provider => 'yum', ensure => 'installed',
- require => Package['appliance-tools',
'livecd-tools', 'python-imgcreate', 'ec2-ami-tools']}
- package { 'iwhd':
- provider => 'yum', ensure => 'installed' }
-
package {['deltacloud-aggregator',
'deltacloud-aggregator-daemons',
@@ -99,49 +75,13 @@ class deltacloud::aggregator::disabled {
package {'deltacloud-aggregator':
provider => 'yum', ensure => 'absent',
- require => Package['deltacloud-aggregator-daemons',
- 'deltacloud-aggregator-doc'] }
+ require => [Package['deltacloud-aggregator-daemons',
+ 'deltacloud-aggregator-doc'],
+ Rails::Drop::Db["drop_deltacloud_database"]] }
+
package { 'rubygem-deltacloud-client':
provider => 'yum', ensure => 'absent',
require => Package['deltacloud-aggregator']}
- package { 'rubygem-deltacloud-image-builder-agent':
- provider => 'yum', ensure => 'absent',
- require => Package['deltacloud-aggregator']}
- package { 'iwhd':
- provider => 'yum', ensure => 'absent',
- require => [Package['deltacloud-aggregator'],
Service['iwhd']]}
-
- # FIXME these lingering dependencies, pulled in for
- # rubygem-deltacloud-image-builder-agent, need to be removed as
- # ec2-ami-tools and appliance-tools depend on them and using
- # 'absent' in the context of the 'yum' provider dispatches
- # to 'rpm -e' instead of 'yum erase'
- package { ['rubygem-boxgrinder-build-ec2-platform-plugin',
- 'rubygem-boxgrinder-build-centos-os-plugin',
- 'rubygem-boxgrinder-build-fedora-os-plugin']:
- provider => "yum", ensure => 'absent',
- require => Package['rubygem-deltacloud-image-builder-agent']}
- package { 'rubygem-boxgrinder-build-rhel-os-plugin':
- provider => "yum", ensure => 'absent',
- require =>
Package['rubygem-boxgrinder-build-centos-os-plugin']}
- package { 'rubygem-boxgrinder-build-rpm-based-os-plugin':
- provider => "yum", ensure => 'absent',
- require => Package['rubygem-boxgrinder-build-rhel-os-plugin',
- 'rubygem-boxgrinder-build-fedora-os-plugin']}
-
- package { 'ec2-ami-tools':
- provider => "yum", ensure => 'absent',
- require =>
Package['rubygem-boxgrinder-build-ec2-platform-plugin']}
- package { 'appliance-tools':
- provider => 'yum', ensure => 'absent',
- require =>
Package['rubygem-boxgrinder-build-rpm-based-os-plugin']}
- package { 'livecd-tools':
- provider => 'yum', ensure => 'absent',
- require => Package['appliance-tools']}
- package { 'python-imgcreate':
- provider => 'yum', ensure => 'absent',
- require => Package['appliance-tools',
'livecd-tools']}
-
### Stop the deltacloud services
service { ['condor', 'httpd']:
diff --git a/recipes/deltacloud_recipe/manifests/image-factory.pp
b/recipes/deltacloud_recipe/manifests/image-factory.pp
index 0888dd8..e82be1f 100644
--- a/recipes/deltacloud_recipe/manifests/image-factory.pp
+++ b/recipes/deltacloud_recipe/manifests/image-factory.pp
@@ -1,6 +1,31 @@
# Deltacloud image factory puppet definitions
class deltacloud::image-factory inherits deltacloud {
+ ### Install the deltacloud components
+ # specific versions of these two packages are needed and we need to pull the third
in
+ package { 'python-imgcreate':
+ provider => 'rpm', ensure => installed,
+ source =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/x86_64/python-imgcreate-031-1.fc12.1.x86_64.rpm'}
+ package { 'livecd-tools':
+ provider => 'rpm', ensure => installed,
+ source =>
'http://repos.fedorapeople.org/repos/deltacloud/appliance/fedora-13/x86_64/livecd-tools-031-1.fc12.1.x86_64.rpm',
+ require => Package['python-imgcreate']}
+ package { 'appliance-tools':
+ provider => 'yum', ensure => installed,
+ require => Package["livecd-tools",
"python-imgcreate"]}
+
+ # TODO: Fix me, find a better way to do this...
+ # We need to also install this rpm from amazon
+ package{"ec2-ami-tools":
+ provider => "rpm",
+ source =>
"http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.noarch.rpm",
+ ensure => 'installed' }
+
+ package { 'rubygem-deltacloud-image-builder-agent':
+ provider => 'yum', ensure => 'installed',
+ require => Package['appliance-tools', 'livecd-tools',
'python-imgcreate', 'ec2-ami-tools']}
+
+
### Configure boxgrinder, this should go into the boxgrinder rpms eventually
file { "/boxgrinder": ensure => "directory"}
file { "/boxgrinder/appliances":
@@ -74,6 +99,44 @@ class deltacloud::image-factory::disabled {
hasstatus => true,
enable => false}
+
+ ### Uninstall the deltacloud components
+ package { 'rubygem-deltacloud-image-builder-agent':
+ provider => 'yum', ensure => 'absent',
+ require => Package['deltacloud-aggregator']}
+
+ # FIXME these lingering dependencies, pulled in for
+ # rubygem-deltacloud-image-builder-agent, need to be removed as
+ # ec2-ami-tools and appliance-tools depend on them and using
+ # 'absent' in the context of the 'yum' provider dispatches
+ # to 'rpm -e' instead of 'yum erase'
+ package { ['rubygem-boxgrinder-build-ec2-platform-plugin',
+ 'rubygem-boxgrinder-build-centos-os-plugin',
+ 'rubygem-boxgrinder-build-fedora-os-plugin']:
+ provider => "yum", ensure => 'absent',
+ require => Package['rubygem-deltacloud-image-builder-agent']}
+ package { 'rubygem-boxgrinder-build-rhel-os-plugin':
+ provider => "yum", ensure => 'absent',
+ require =>
Package['rubygem-boxgrinder-build-centos-os-plugin']}
+ package { 'rubygem-boxgrinder-build-rpm-based-os-plugin':
+ provider => "yum", ensure => 'absent',
+ require => Package['rubygem-boxgrinder-build-rhel-os-plugin',
+ 'rubygem-boxgrinder-build-fedora-os-plugin']}
+
+ package { 'ec2-ami-tools':
+ provider => "yum", ensure => 'absent',
+ require =>
Package['rubygem-boxgrinder-build-ec2-platform-plugin']}
+ package { 'appliance-tools':
+ provider => 'yum', ensure => 'absent',
+ require =>
Package['rubygem-boxgrinder-build-rpm-based-os-plugin']}
+ package { 'livecd-tools':
+ provider => 'yum', ensure => 'absent',
+ require => Package['appliance-tools']}
+ package { 'python-imgcreate':
+ provider => 'yum', ensure => 'absent',
+ require => Package['appliance-tools',
'livecd-tools']}
+
+
### Destroy and cleanup deltacloud artifacts
exec{"remove_deltacloud_templates": command => "/bin/rm -rf
/templates"}
exec{"remove_boxgrinder_dir": command => "/bin/rm -rf
/boxgrinder"}
diff --git a/recipes/deltacloud_recipe/manifests/iwhd.pp
b/recipes/deltacloud_recipe/manifests/iwhd.pp
index 9711b75..b756735 100644
--- a/recipes/deltacloud_recipe/manifests/iwhd.pp
+++ b/recipes/deltacloud_recipe/manifests/iwhd.pp
@@ -1,6 +1,10 @@
# Deltacloud iwhd puppet definitions
class deltacloud::iwhd inherits deltacloud {
+ ### Install the deltacloud components
+ package { 'iwhd':
+ provider => 'yum', ensure => 'installed' }
+
### Start the deltacloud services
file { "/data": ensure => 'directory' }
file { "/data/db": ensure => 'directory' }
@@ -11,8 +15,15 @@ class deltacloud::iwhd inherits deltacloud {
service { 'iwhd':
ensure => 'running',
enable => true,
+ hasstatus => true,
require => [Package['iwhd'],
Service[mongod]]}
+
+ # XXX ugly hack but iwhd might take some time to come up
+ exec{"iwhd_startup_pause":
+ command => "/bin/sleep 2",
+ unless => '/usr/bin/curl http://localhost:9090';,
+ require => Service[iwhd]}
}
class deltacloud::iwhd::disabled {
@@ -25,15 +36,17 @@ class deltacloud::iwhd::disabled {
ensure => 'stopped',
enable => false,
hasstatus => true}
+
+
+ ### Uninstall the deltacloud components
+ package { 'iwhd':
+ provider => 'yum', ensure => 'absent',
+ require => [Package['deltacloud-aggregator'],
Service['iwhd']]}
}
# Create a named bucket in iwhd
define deltacloud::create_bucket(){
package{'curl': ensure => 'installed'}
- # XXX ugly hack but iwhd might take some time to come up
- exec{"iwhd_startup_pause":
- command => "/bin/sleep 2",
- require => Service[iwhd]}
exec{"create-bucket-${name}":
command => "/usr/bin/curl -X PUT http://localhost:9090/templates";,
require => [Exec['iwhd_startup_pause'], Package[curl]] }
diff --git a/recipes/postgres/manifests/init.pp b/recipes/postgres/manifests/init.pp
index 4a4fb5e..fad0b6e 100644
--- a/recipes/postgres/manifests/init.pp
+++ b/recipes/postgres/manifests/init.pp
@@ -39,7 +39,7 @@ class postgres::server inherits postgres {
}
exec { "pginitdb":
- command => "/usr/bin/initdb
--pgdata='/var/lib/pgsql/data'",
+ command => "/usr/bin/initdb
--pgdata='/var/lib/pgsql/data' -E UTF8",
user => "postgres",
group => "postgres",
creates => "/var/lib/pgsql/data/PG_VERSION",
--
1.7.2.3
9:11 a.m.
On 12/22/2010 02:59 PM, Mohammed Morsi wrote:
This patchset greatly revamps the deltacloud puppet recipe and
installer/uninstaller
to clean up a plethora of things and to make it a more state based solution, bringing
it inline with the standard puppet methodology.
_______________________________________________
deltacloud-devel mailing list
deltacloud-devel(a)lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/deltacloud-devel
The new RPMs in our repo threw some kinks in the works here, but with
the rebasing we've done off-list, I've ack'ed the whole series and
pushed them.
Thanks,
Mike
4881
days inactive
4896
days old
deltacloud-devel@lists.fedorahosted.org
10 comments
2 participants
participants (2)
-
Mike Orazi -
Mo Morsi