From d2566cc114e71440e91c63fc548a0aee2cb7d18e Mon Sep 17 00:00:00 2001 From: Eric Shamow Date: Tue, 4 Oct 2011 06:58:50 -0400 Subject: [PATCH 01/49] Split main init into multiple files, removed tabs, some space correction, removed separate selinux class --- manifests/init.pp | 398 +++++----------------------------------- manifests/kvmagent.pp | 77 ++++++++ manifests/mgmt.pp | 115 ++++++++++++ manifests/nfs-common.pp | 106 +++++++++++ manifests/params.pp | 20 ++ 5 files changed, 360 insertions(+), 356 deletions(-) create mode 100644 manifests/kvmagent.pp create mode 100644 manifests/mgmt.pp create mode 100644 manifests/nfs-common.pp create mode 100644 manifests/params.pp diff --git a/manifests/init.pp b/manifests/init.pp index 32d4027..c1015a7 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,358 +1,44 @@ class cloudstack { - include cloudstack::no_selinux - - case $operatingsystem { - centos,redhat : { - yumrepo{"Cloudstack": - baseurl => "http://yumrepo/repositories/rhel/$operatingsystemrelease/stable/oss/", - name => "CloudStack", - enable => 1, - gpgcheck => 0, - } - } - fedora : { - yumrepo{"Cloudstack": - baseurl => "http://192.168.203.177/foo/", - name => "CloudStack", - enabled => 1, - gpgcheck => 0, - } - - } - - } - file { "/etc/sudoers": - source => "puppet://puppet/cloudstack/sudoers", - mode => 440, - owner => root, - group => root, - } - - file { "/etc/hosts": - content => template("cloudstack/hosts"), - } - - package {wget: ensure => present} ### Not needed after 2.2.9, see bug 11258 -######### DEFINITIONS #################### - - $cs_mgmt_server = "192.168.203.177" - $internaldns1 = "192.168.203.1" - $dns1 = "8.8.8.8" - $cs_agent_netmask = "255.255.255.0" - $cs_sec_storage_nfs_server = "192.168.203.176" - $cs_sec_storage_mnt_point = "/secondary" - $pri_storage_nfs_server = "192.168.203.176" - $pri_storage_mnt_point = "/primary" - $hvtype = "KVM" - $system_tmplt_dl_cmd = "/usr/lib64/cloud/agent/scripts/storage/secondary/cloud-install-sys-tmplt" - $sysvm_url_kvm = "http://download.cloud.com/releases/2.2.0/systemvm.qcow2.bz2" - $sysvm_url_xen = "http://download.cloud.com/releases/2.2.0/systemvm.vhd.bz2" - - -} -class cloudstack::nfs-common { -#this subclass provides NFS for primary and secondary storage on a single machine. -#this is not production quality - but useful for a POC/demo/dev/test environment. -#you will either want to significantly alter or use your own nfs class - - include cloudstack - - package {nfs-utils: ensure => present} - - service {nfs: - ensure => running, - enable => true, - hasstatus => true, - require => [ Service[rpcbind], File["/primary"], File["/secondary"] ], - } - - service {rpcbind: - ensure => running, - enable => true, - hasstatus => true, - } - file {"/primary": - ensure => directory, - mode => 777, - } - file {"/secondary": - ensure => directory, - mode => 777, - } - file {"/etc/sysconfig/nfs": - source => "puppet://puppet/cloudstack/nfs", - notify => Service[nfs], - } - - file {"/etc/exports": - source => "puppet://puppet/cloudstack/exports", - notify => Service[nfs], - } - - iptables {"udp111": - proto => "udp", - dport=> "111", - jump => "ACCEPT", - } - - iptables {"tcp111": - proto => "tcp", - dport => "111", - jump => "ACCEPT", - } - - iptables {"tcp2049": - proto => "tcp", - dport => "2049", - jump => "ACCEPT", - } - - iptables {"tcp32803": - proto => "tcp", - dport => "32803", - jump => "ACCEPT", - } - - iptables {"udp32769": - proto => "udp", - dport => "32769", - jump => "ACCEPT", - } - - iptables {"tcp892": - proto => "tcp", - dport => "892", - jump => "ACCEPT", - } - - iptables {"udp892": - proto => "udp", - dport => "892", - jump => "ACCEPT", - } - - iptables {"tcp875": - proto => "tcp", - dport => "875", - jump => "ACCEPT", - } - - iptables {"udp875": - proto => "udp", - dport => "875", - jump => "ACCEPT", - } - - iptables {"tcp662": - proto => "tcp", - dport => "662", - jump => "ACCEPT", - } - - iptables {"udp662": - proto => "udp", - dport => "662", - jump => "ACCEPT", - } - -} - - -class cloudstack::kvmagent { - include cloudstack - package {cloud-agent : ensure => present, require => Yumrepo[CloudStack], } - - exec { "cloud-setup-agent": - creates => "/var/log/cloud/setupAgent.log", - requires => [ Package[cloud-agent], - Package[NetworkManager], - File["/etc/sudoers"], - File["/etc/cloud/agent/agent.properties"], - File["/etc/sysconfig/network-scripts/ifcfg-eth0"], - File["/etc/hosts"], - File["/etc/sysconfig/network"], - File["/etc/resolv.conf"], - Service["network"], ] - } - - - file { "/etc/cloud/agent/agent.properties": - ensure => present, - requires => Package[cloud-agent], - content => template("cloudstack/agent.properties") - } - -######## AGENT NETWORKING SECTION SEE NOTES BEFORE END OF NETWORKING SECTION ############ - - file { "/etc/sysconfig/network-scripts/ifcfg-eth0": - content => template("cloudstack/ifcfg-eth0"), - } - - - service { network: - ensure => running, - enabed => true, - hasstatus => true, ## Is that really true? - requires => [ Package[NetworkManager], File["/etc/sysconfig/network-scripts/ifcfg-eth0"], ] - } - - package { NetworkManager: - ensure => absent, - } - - file { "/etc/sysconfig/network": - content => template("cloudstack/network"), - } - - - file { "/etc/resolv.conf": - content => template("cloudstack/resolv.conf"), - } - -### NOTES: This assumes a single NIC (eth0) will be used for CloudStack and ensures that the -### config file is correct syntactically and in place -### If you wish to use more than a single NIC you will need to edit both the agent.properties -### file and add additional ifcfg-ethX files to this configuration. -### - -######### END AGENT NETWORKING ############################################################## - - -########## Also need to create a agent.properties stanza, and likely need to define -########## IP address or name for management server - and do agent.properties as a template. -############ Need to do something that will take care of IP configuration -############ Need to do something that will take care of KVM - make sure module is loaded - need to define what tests cloud-setup-agent actually runs to test for KVM and ensure that we do those tests as well, and rectify if needed (do a reboot?? ) -### Need to handle hostname addition as well - and probably a def gw and ensuring that DNS is set since -### we are so backwards as to not use DHCP - - -### IP Address thoughts: -### Use a template based on /etc/sysconfig/ifcfg-ethX -### By default only specify eth0, with liberal commenting about what to do in the event of needing to change our simple configuration (e.g. edit agent.properites, add additional network config, etc. -### Require network to be enable -### Require NetworkManager be disabled (Is it installed by default, do we need to do a case?, perhaps we 'ensure absent') -### Make sure we cycle network after deploying a ifcfg. -### Do we handle creation of cloud-br0? I am thinking not, seems like there's a lot of magic there. For now, lets stay away from that. - -} - -class cloudstack::mgmt { - include cloudstack - - - package {cloud-client : ensure => present, require => Yumrepo[CloudStack], } - - exec { "cloud-setup-management": - onlyif => [ "test -e /var/lib/mysql/cloud", - "test -e /etc/sysconfig/cloud-management", - "service cloud-management status |grep -v running" ] - #The last check won't work on systemd, need to come up with some alternative - } -########## Requires the iptables module from: http://github.com/camptocamp/puppet-iptables/ - - iptables { "http": - proto => "tcp", - dport=> "80", - jump => "ACCEPT",} - - iptables { "http-alt": - proto => "tcp", - dport=> "8080", - jump => "ACCEPT", - } - -# iptables { "port-8096": ###### this is the unauthenticated API interface - should be locked down by default. -# proto => "tcp", -# dport=> "8096", -# jump => "ACCEPT", -# } - - iptables { "port-8250": ############ Think this is for cpvm, but check for certain. - proto => "tcp", - dport=> "8250", - jump => "ACCEPT", - } - - iptables { "port-9090": ####################### find out what this does in cloudstack - proto => "tcp", - dport=> "9090", - jump => "ACCEPT", - } - - -#################### MYSQL SECTION - can likely be removed if you are using puppet in production and use your own mysql module ######### -# wondering if i should do this as a separate subclass - - package {mysql-server : ensure => present } - - service {mysqld: - name => $operatingsystem? { - default => "mysqld", - ubuntu => "mysql", - }, - ensure => running, - enable => true, - hasstatus => true, - require => Package[mysql-server], - } - file {"/etc/my.cnf": - source => "puppet://puppet/cloudstack/my.cnf", - notify => Service[mysqld], - } - - exec {"cloud-setup-databases cloud:dbpassword@localhost --deploy-as=root": - creates => "/var/lib/mysql/cloud", - } - -################## END MYSQL SECTION ################################################################################################### - -################## CloudStack configuration section #################################################################################### - -########## Zone ################ - - exec {"curl 'http://localhost:8096/?command=createZone&dns1=8.8.8.8&internaldns1=8.8.8.8&name=Zone1&networktype=Basic'": - onlyif => "curl 'http://localhost:8096/?command=listZones&available=true' | grep -v Zone1" - } - -########## Pod ################# - - exec {"curl 'http://localhost:8096?command=createPod&gateway=192.168.203.1&name=Pod1&netmask=255.255.255.0&startip=192.168.203.200&zoneid=4&endip=192.168.203.230'": - onlyif => ["curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1", - "curl 'http://localhost:8096/?command=listPods' | grep -v Pod1", ] - } - -########## Cluster ############## - - exec {"curl 'http://localhost:8096?command=addCluster&clustername=Cluster1&clustertype=CloudManaged&hypervisor=${hvtype}&zoneid=4&podid=1'": - onlyif => ["curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1", - "curl 'http://localhost:8096/?command=listPods' | grep Pod1", - "curl 'http://localhost:8096/?command=listClusters' | grep -v Cluster1" ], - } - -########## SecStorage ############ -## NOTE: This will take a LONG time to run. Go get a cup of coffee - exec { "mount ${cloudstack::cs_sec_storage_nfs_server}:${cloudstack::cs_sec_storage_mnt_point} /mnt ; - ${cloudstack::system_tmplt_dl_cmd} -m /mnt -u ${cloudstack::sysvm_url_kvm} -h kvm -F ; - curl 'http://localhost:8096/?command=addSecondaryStorage&url=nfs://${cloudstack::cs_sec_storage_nfs_server}${cloudstack::cs_sec_storage_mnt_point}&zoneid=1' ; - touch /var/lib/cloud/ssvm": - onlyif => ["test ! -e /var/lib/cloud/ssvm", "curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1",] - } - -########## Primary Storage ######## -### THis needs to add a check for a host to have been added - exec { "curl 'http://localhost:8096/?command=createStoragePool&name=PStorage&url=nfs://${cloudstack::pri_storage_nfs_server}${cloudstack::pri_storage_mnt_point}&zoneid=4&podid=1'": - onlyif => ["curl 'http://localhost:8096/?command=listPods' | grep Pod1", - "curl 'http://localhost:8096/?command=listStoragePools' | grep -v PStorage", ] - } - - -} - -class cloudstack::no_selinux { - file { "/etc/selinux/config": - source => "puppet://puppet/cloudstack/config", - } - exec { "/usr/sbin/setenforce 0": - onlyif => "/usr/sbin/getenforce | grep Enforcing", - } + include cloudstack::params + + case $operatingsystem { + centos,redhat : { + yumrepo{"Cloudstack": + baseurl => "http://yumrepo/repositories/rhel/$operatingsystemrelease/stable/oss/", + name => "CloudStack", + enabled => 1, + gpgcheck => 0, + } + } + + fedora : { + yumrepo{"Cloudstack": + baseurl => "http://192.168.203.177/foo/", + name => "CloudStack", + enabled => 1, + gpgcheck => 0, + } + } + + } + + file { "/etc/sudoers": + source => "puppet://puppet/cloudstack/sudoers", + mode => 440, + owner => root, + group => root, + } + + file { "/etc/hosts": + content => template("cloudstack/hosts"), + } + + package {wget: ensure => present} ### Not needed after 2.2.9, see bug 11258 + + file { "/etc/selinux/config": + source => "puppet://puppet/cloudstack/config", + } + exec { "/usr/sbin/setenforce 0": + onlyif => "/usr/sbin/getenforce | grep Enforcing", + } } diff --git a/manifests/kvmagent.pp b/manifests/kvmagent.pp new file mode 100644 index 0000000..7a60912 --- /dev/null +++ b/manifests/kvmagent.pp @@ -0,0 +1,77 @@ +class cloudstack::kvmagent { + include cloudstack + package {cloud-agent : ensure => present, require => Yumrepo[CloudStack], } + + exec { "cloud-setup-agent": + creates => "/var/log/cloud/setupAgent.log", + requires => [ Package[cloud-agent], + Package[NetworkManager], + File["/etc/sudoers"], + File["/etc/cloud/agent/agent.properties"] + File["/etc/sysconfig/network-scripts/ifcfg-eth0"], + File["/etc/hosts"], + File["/etc/sysconfig/network"], + File["/etc/resolv.conf"], + Service["network"], + ] + } + + + file { "/etc/cloud/agent/agent.properties": + ensure => present, + requires => Package[cloud-agent], + content => template("cloudstack/agent.properties") + } + +######## AGENT NETWORKING SECTION SEE NOTES BEFORE END OF NETWORKING SECTION ############ + + file { "/etc/sysconfig/network-scripts/ifcfg-eth0": + content => template("cloudstack/ifcfg-eth0"), + } + + + service { network: + ensure => running, + enabed => true, + hasstatus => true, ## Is that really true? + requires => [ Package[NetworkManager], File["/etc/sysconfig/network-scripts/ifcfg-eth0"], ] + } + + package { NetworkManager: + ensure => absent, + } + + file { "/etc/sysconfig/network": + content => template("cloudstack/network"), + } + + file { "/etc/resolv.conf": + content => template("cloudstack/resolv.conf"), + } + +### NOTES: This assumes a single NIC (eth0) will be used for CloudStack and ensures that the +### config file is correct syntactically and in place +### If you wish to use more than a single NIC you will need to edit both the agent.properties +### file and add additional ifcfg-ethX files to this configuration. +### + +######### END AGENT NETWORKING ############################################################## + + +########## Also need to create a agent.properties stanza, and likely need to define +########## IP address or name for management server - and do agent.properties as a template. +############ Need to do something that will take care of IP configuration +############ Need to do something that will take care of KVM - make sure module is loaded - need to define what tests cloud-setup-agent actually runs to test for KVM and ensure that we do those tests as well, and rectify if needed (do a reboot?? ) +### Need to handle hostname addition as well - and probably a def gw and ensuring that DNS is set since +### we are so backwards as to not use DHCP + + +### IP Address thoughts: +### Use a template based on /etc/sysconfig/ifcfg-ethX +### By default only specify eth0, with liberal commenting about what to do in the event of needing to change our simple configuration (e.g. edit agent.properites, add additional network config, etc. +### Require network to be enable +### Require NetworkManager be disabled (Is it installed by default, do we need to do a case?, perhaps we 'ensure absent') +### Make sure we cycle network after deploying a ifcfg. +### Do we handle creation of cloud-br0? I am thinking not, seems like there's a lot of magic there. For now, lets stay away from that. + +} diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp new file mode 100644 index 0000000..4b55dd3 --- /dev/null +++ b/manifests/mgmt.pp @@ -0,0 +1,115 @@ +class cloudstack::mgmt { + include cloudstack + + + package {cloud-client : ensure => present, require => Yumrepo[CloudStack], } + + exec { "cloud-setup-management": + onlyif => [ "test -e /var/lib/mysql/cloud", + "test -e /etc/sysconfig/cloud-management", + "service cloud-management status |grep -v running" ] + #The last check won't work on systemd, need to come up with some alternative + } +########## Requires the iptables module from: http://github.com/camptocamp/puppet-iptables/ + + iptables { "http": + proto => "tcp", + dport=> "80", + jump => "ACCEPT", + } + + iptables { "http-alt": + proto => "tcp", + dport=> "8080", + jump => "ACCEPT", + } + +# iptables { "port-8096": ###### this is the unauthenticated API interface - should be locked down by default. +# proto => "tcp", +# dport=> "8096", +# jump => "ACCEPT", +# } + + iptables { "port-8250": ############ Think this is for cpvm, but check for certain. + proto => "tcp", + dport=> "8250", + jump => "ACCEPT", + } + + iptables { "port-9090": ####################### find out what this does in cloudstack + proto => "tcp", + dport=> "9090", + jump => "ACCEPT", + } + + +#################### MYSQL SECTION - can likely be removed if you are using puppet in production and use your own mysql module ######### +# wondering if i should do this as a separate subclass + + package {mysql-server : ensure => present } + + service {mysqld: + name => $operatingsystem? { + default => "mysqld", + ubuntu => "mysql", + }, + ensure => running, + enable => true, + hasstatus => true, + require => Package[mysql-server], + } + + file {"/etc/my.cnf": + source => "puppet://puppet/cloudstack/my.cnf", + notify => Service[mysqld], + } + + exec {"cloud-setup-databases cloud:dbpassword@localhost --deploy-as=root": + creates => "/var/lib/mysql/cloud", + } + +################## END MYSQL SECTION ################################################################################################### + +################## CloudStack configuration section #################################################################################### + +########## Zone ################ + + exec {"curl 'http://localhost:8096/?command=createZone&dns1=8.8.8.8&internaldns1=8.8.8.8&name=Zone1&networktype=Basic'": + onlyif => "curl 'http://localhost:8096/?command=listZones&available=true' | grep -v Zone1" + } + +########## Pod ################# + + exec {"curl 'http://localhost:8096?command=createPod&gateway=192.168.203.1&name=Pod1&netmask=255.255.255.0&startip=192.168.203.200&zoneid=4&endip=192.168.203.230'": + onlyif => [ "curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1", + "curl 'http://localhost:8096/?command=listPods' | grep -v Pod1", + ] + } + +########## Cluster ############## + + exec {"curl 'http://localhost:8096?command=addCluster&clustername=Cluster1&clustertype=CloudManaged&hypervisor=${hvtype}&zoneid=4&podid=1'": + onlyif => ["curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1", + "curl 'http://localhost:8096/?command=listPods' | grep Pod1", + "curl 'http://localhost:8096/?command=listClusters' | grep -v Cluster1", + ] + } + +########## SecStorage ############ +## NOTE: This will take a LONG time to run. Go get a cup of coffee + exec { "mount ${cloudstack::cs_sec_storage_nfs_server}:${cloudstack::cs_sec_storage_mnt_point} /mnt ; + ${cloudstack::system_tmplt_dl_cmd} -m /mnt -u ${cloudstack::sysvm_url_kvm} -h kvm -F ; + curl 'http://localhost:8096/?command=addSecondaryStorage&url=nfs://${cloudstack::cs_sec_storage_nfs_server}${cloudstack::cs_sec_storage_mnt_point}&zoneid=1' ; + touch /var/lib/cloud/ssvm": + onlyif => [ "test ! -e /var/lib/cloud/ssvm", "curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1",] + } + +########## Primary Storage ######## +### THis needs to add a check for a host to have been added + exec { "curl 'http://localhost:8096/?command=createStoragePool&name=PStorage&url=nfs://${cloudstack::pri_storage_nfs_server}${cloudstack::pri_storage_mnt_point}&zoneid=4&podid=1'": + onlyif => ["curl 'http://localhost:8096/?command=listPods' | grep Pod1", + "curl 'http://localhost:8096/?command=listStoragePools' | grep -v PStorage", + ] + } + +} diff --git a/manifests/nfs-common.pp b/manifests/nfs-common.pp new file mode 100644 index 0000000..5d71edc --- /dev/null +++ b/manifests/nfs-common.pp @@ -0,0 +1,106 @@ +class cloudstack::nfs-common { +#this subclass provides NFS for primary and secondary storage on a single machine. +#this is not production quality - but useful for a POC/demo/dev/test environment. +#you will either want to significantly alter or use your own nfs class + + include cloudstack + + package {nfs-utils: ensure => present} + + service {nfs: + ensure => running, + enable => true, + hasstatus => true, + require => [ Service[rpcbind], File["/primary"], File["/secondary"] ], + } + + service {rpcbind: + ensure => running, + enable => true, + hasstatus => true, + } + file {"/primary": + ensure => directory, + mode => 777, + } + file {"/secondary": + ensure => directory, + mode => 777, + } + file {"/etc/sysconfig/nfs": + source => "puppet://puppet/cloudstack/nfs", + notify => Service[nfs], + } + + file {"/etc/exports": + source => "puppet://puppet/cloudstack/exports", + notify => Service[nfs], + } + + iptables {"udp111": + proto => "udp", + dport=> "111", + jump => "ACCEPT", + } + + iptables {"tcp111": + proto => "tcp", + dport => "111", + jump => "ACCEPT", + } + + iptables {"tcp2049": + proto => "tcp", + dport => "2049", + jump => "ACCEPT", + } + + iptables {"tcp32803": + proto => "tcp", + dport => "32803", + jump => "ACCEPT", + } + + iptables {"udp32769": + proto => "udp", + dport => "32769", + jump => "ACCEPT", + } + + iptables {"tcp892": + proto => "tcp", + dport => "892", + jump => "ACCEPT", + } + + iptables {"udp892": + proto => "udp", + dport => "892", + jump => "ACCEPT", + } + + iptables {"tcp875": + proto => "tcp", + dport => "875", + jump => "ACCEPT", + } + + iptables {"udp875": + proto => "udp", + dport => "875", + jump => "ACCEPT", + } + + iptables {"tcp662": + proto => "tcp", + dport => "662", + jump => "ACCEPT", + } + + iptables {"udp662": + proto => "udp", + dport => "662", + jump => "ACCEPT", + } + +} diff --git a/manifests/params.pp b/manifests/params.pp new file mode 100644 index 0000000..e6c3cb4 --- /dev/null +++ b/manifests/params.pp @@ -0,0 +1,20 @@ +# Class:: cloudstack::params +# +# +class cloudstack::params { + + $cs_mgmt_server = "192.168.203.177" + $internaldns1 = "192.168.203.1" + $dns1 = "8.8.8.8" + $cs_agent_netmask = "255.255.255.0" + $cs_sec_storage_nfs_server = "192.168.203.176" + $cs_sec_storage_mnt_point = "/secondary" + $pri_storage_nfs_server = "192.168.203.176" + $pri_storage_mnt_point = "/primary" + $hvtype = "KVM" + $system_tmplt_dl_cmd = "/usr/lib64/cloud/agent/scripts/storage/secondary/cloud-install-sys-tmplt" + $sysvm_url_kvm = "http://download.cloud.com/releases/2.2.0/systemvm.qcow2.bz2" + $sysvm_url_xen = "http://download.cloud.com/releases/2.2.0/systemvm.vhd.bz2" + + +} # Class:: cloudstack::params From bad8a5ee5059bf648975f8ad8d28e76a4fbae547 Mon Sep 17 00:00:00 2001 From: Eric Shamow Date: Sun, 9 Oct 2011 15:45:14 -0400 Subject: [PATCH 02/49] Changes made for style guide pass, stopping to look at sudo options --- manifests/init.pp | 82 ++++++++++++++++++++++++++++--------------- manifests/kvmagent.pp | 15 ++++++++ manifests/mgmt.pp | 1 - 3 files changed, 69 insertions(+), 29 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index c1015a7..ccd34d2 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,44 +1,70 @@ +# Class: cloudstack +# +# This class installs the base CloudStack components +# +# Parameters: +# +# Actions: +# Install the CloudStack repository: [cloudstack] +# Manage sudoers file +# Manage hosts file +# Turn off selinux +# Ensure wget installed +# +# Requires: +# +# Package[ 'sudo' ] + +# Sample Usage: +# This class should not be included directly. It is called from other modules. +# class cloudstack { include cloudstack::params - case $operatingsystem { - centos,redhat : { - yumrepo{"Cloudstack": - baseurl => "http://yumrepo/repositories/rhel/$operatingsystemrelease/stable/oss/", - name => "CloudStack", - enabled => 1, - gpgcheck => 0, - } + case $::operatingsystem { + /(centos|redhat)/: { + $baseurl = "http://yumrepo/repositories/rhel/$::operatingsystemrelease/stable/oss/", } - - fedora : { - yumrepo{"Cloudstack": - baseurl => "http://192.168.203.177/foo/", - name => "CloudStack", - enabled => 1, - gpgcheck => 0, - } + fedora: { + $baseurl = 'http://192.168.203.177/foo/', + } + default: { + fail( "Cloudstack module is only supported on CentOS, RedHat, and Fedora-based systems." } + } + + yumrepo{ 'Cloudstack': + baseurl => $baseurl, + name => 'CloudStack', + enabled => 1, + gpgcheck => 0, + } + file { '/etc/sudoers.d/': + ensure => directory, + mode => '0550', + owner => root, + group => root, + require => Package[ 'sudo' ] } - file { "/etc/sudoers": - source => "puppet://puppet/cloudstack/sudoers", - mode => 440, - owner => root, - group => root, + file { '/etc/sudoers.d/cloudstack.sudo': + source => "puppet:///puppet/cloudstack/cloudstack.sudo" + mode => '0440', + owner => root, + group => root, } - file { "/etc/hosts": - content => template("cloudstack/hosts"), + file { '/etc/hosts': + content => template( 'cloudstack/hosts' ), } - package {wget: ensure => present} ### Not needed after 2.2.9, see bug 11258 + package { wget: ensure => present } ### Not needed after 2.2.9, see bug 11258 - file { "/etc/selinux/config": - source => "puppet://puppet/cloudstack/config", + file { '/etc/selinux/config': + source => 'puppet://puppet/cloudstack/config', } - exec { "/usr/sbin/setenforce 0": - onlyif => "/usr/sbin/getenforce | grep Enforcing", + exec { '/usr/sbin/setenforce 0': + onlyif => '/usr/sbin/getenforce | grep Enforcing', } } diff --git a/manifests/kvmagent.pp b/manifests/kvmagent.pp index 7a60912..55945f8 100644 --- a/manifests/kvmagent.pp +++ b/manifests/kvmagent.pp @@ -1,3 +1,18 @@ +# Class: cloudstack::kvmagent +# +# This class installs the base CloudStack KVM agent +# +# Parameters: +# +# Actions: +# Install base cloudstack agent +# Install Package['cloud-agent'] +# Run script Exec['cloud-setup-agent'] +# +# Requires: +# +# Sample Usage: +# class cloudstack::kvmagent { include cloudstack package {cloud-agent : ensure => present, require => Yumrepo[CloudStack], } diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index 4b55dd3..fcf0d98 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -1,7 +1,6 @@ class cloudstack::mgmt { include cloudstack - package {cloud-client : ensure => present, require => Yumrepo[CloudStack], } exec { "cloud-setup-management": From 274336c5ddea3dae9d9b35e479fb9bd4ea956b85 Mon Sep 17 00:00:00 2001 From: Eric Shamow Date: Sun, 9 Oct 2011 16:55:07 -0400 Subject: [PATCH 03/49] Refactor to use stdlib, add more module files --- LICENSE | 202 ++++++++++++++++++++++++++++++++++++++++++++++ Modulefile | 11 +++ README.markdown | 51 ++++++++++++ manifests/init.pp | 18 +---- 4 files changed, 268 insertions(+), 14 deletions(-) create mode 100644 LICENSE create mode 100644 Modulefile create mode 100644 README.markdown diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..57bc88a --- /dev/null +++ b/LICENSE @@ -0,0 +1,202 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + diff --git a/Modulefile b/Modulefile new file mode 100644 index 0000000..dfdfe2e --- /dev/null +++ b/Modulefile @@ -0,0 +1,11 @@ +name 'puppetlabs-stdlib' +version '2.0.0' +source 'git://github.com/puppetlabs/puppetlabs-stdlib' +author 'puppetlabs' +license 'Apache 2.0' +summary 'Puppet Module Standard Library' +description 'Standard Library for Puppet Modules' +project_page 'https://github.com/puppetlabs/puppetlabs-stdlib' + +## Add dependencies, if any: +# dependency 'username/name', '>= 1.2.0' diff --git a/README.markdown b/README.markdown new file mode 100644 index 0000000..68186c2 --- /dev/null +++ b/README.markdown @@ -0,0 +1,51 @@ +# Puppet Labs Standard Library # + +This module provides a "standard library" of resources for developing Puppet +Modules. This modules will include the following additions to Puppet + + * Stages + * Facts + * Functions + * Defined resource types + * Types + * Providers + +This module is officially curated and provided by Puppet Labs. The modules +Puppet Labs writes and distributes will make heavy use of this standard +library. + +# Compatibility # + +This module is designed to work with Puppet version 2.6 and later. It may be +forked if Puppet 2.7 specific features are added. There are currently no plans +for a Puppet 0.25 standard library module. + +# Functions # + + Please see `puppet doc -r function` for documentation on each function. The + current list of functions is: + + * getvar + * has\_key + * loadyaml + * merge.rb + * validate\_array + * validate\_bool + * validate\_hash + * validate\_re + * validate\_string + +## validate\_hash ## + + $somehash = { 'one' => 'two' } + validate\_hash($somehash) + +## getvar() ## + +This function aims to look up variables in user-defined namespaces within +puppet. Note, if the namespace is a class, it should already be evaluated +before the function is used. + + $namespace = 'site::data' + include "${namespace}" + $myvar = getvar("${namespace}::myvar") diff --git a/manifests/init.pp b/manifests/init.pp index ccd34d2..4d12a69 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -6,7 +6,7 @@ # # Actions: # Install the CloudStack repository: [cloudstack] -# Manage sudoers file +# Manage sudoers entry for cloud user # Manage hosts file # Turn off selinux # Ensure wget installed @@ -40,19 +40,9 @@ gpgcheck => 0, } - file { '/etc/sudoers.d/': - ensure => directory, - mode => '0550', - owner => root, - group => root, - require => Package[ 'sudo' ] - } - - file { '/etc/sudoers.d/cloudstack.sudo': - source => "puppet:///puppet/cloudstack/cloudstack.sudo" - mode => '0440', - owner => root, - group => root, + file_line { 'cs_sudo_rule' + path => '/etc/sudoers', + line => 'cloud ALL = NOPASSWD : ALL', } file { '/etc/hosts': From 45127f4d669d12d4471ccf31e47465c0158ba61f Mon Sep 17 00:00:00 2001 From: Eric Shamow Date: Sun, 9 Oct 2011 17:04:51 -0400 Subject: [PATCH 04/49] Added more module metadata --- Modulefile | 14 ++++++------ README | 25 --------------------- README.markdown | 60 ++++++++++++++----------------------------------- 3 files changed, 24 insertions(+), 75 deletions(-) delete mode 100644 README diff --git a/Modulefile b/Modulefile index dfdfe2e..8a3ac2a 100644 --- a/Modulefile +++ b/Modulefile @@ -1,11 +1,11 @@ -name 'puppetlabs-stdlib' -version '2.0.0' -source 'git://github.com/puppetlabs/puppetlabs-stdlib' +name 'puppetlabs-cloudstack' +version '0.0.1' +source 'git://github.com/puppetlabs/puppetlabs-cloudstack' author 'puppetlabs' license 'Apache 2.0' -summary 'Puppet Module Standard Library' -description 'Standard Library for Puppet Modules' -project_page 'https://github.com/puppetlabs/puppetlabs-stdlib' +summary 'CloudStack management module' +description 'Installation and configuration of all CloudStack components' +project_page 'https://github.com/puppetlabs/puppetlabs-cloudstack' ## Add dependencies, if any: -# dependency 'username/name', '>= 1.2.0' +dependency 'puppetlabs/stdlib', '>= 2.0.0' \ No newline at end of file diff --git a/README b/README deleted file mode 100644 index 972c6c9..0000000 --- a/README +++ /dev/null @@ -1,25 +0,0 @@ -This is the CloudStack puppet manifest. -The original location for this is: -https://gitorious.org/cloudstack-puppet - - -To the extent that this manifest is copyrightable (and that is questionable, as configurations generally aren't) it is licensed under the GPLv3 or at your option any later version. - -For problems or help, please send messages on: -https://lists.sourceforge.net/lists/listinfo/cloudstack-devel - -Test Plan: -So this should start from easiest submodules to most complex. -So I am testing in this order: - -NFS server: -(Can I successfully add primary and secondary storage to an existing cloudstack instance) - -Management Server: -Do the packages get installed properly (repos setup?) -Once installed does database get provisioned -Once database provisioned does UI come up? - -Agent: -Soooo much to test here.....basically does it work. - diff --git a/README.markdown b/README.markdown index 68186c2..972c6c9 100644 --- a/README.markdown +++ b/README.markdown @@ -1,51 +1,25 @@ -# Puppet Labs Standard Library # +This is the CloudStack puppet manifest. +The original location for this is: +https://gitorious.org/cloudstack-puppet -This module provides a "standard library" of resources for developing Puppet -Modules. This modules will include the following additions to Puppet - * Stages - * Facts - * Functions - * Defined resource types - * Types - * Providers +To the extent that this manifest is copyrightable (and that is questionable, as configurations generally aren't) it is licensed under the GPLv3 or at your option any later version. -This module is officially curated and provided by Puppet Labs. The modules -Puppet Labs writes and distributes will make heavy use of this standard -library. +For problems or help, please send messages on: +https://lists.sourceforge.net/lists/listinfo/cloudstack-devel -# Compatibility # +Test Plan: +So this should start from easiest submodules to most complex. +So I am testing in this order: -This module is designed to work with Puppet version 2.6 and later. It may be -forked if Puppet 2.7 specific features are added. There are currently no plans -for a Puppet 0.25 standard library module. +NFS server: +(Can I successfully add primary and secondary storage to an existing cloudstack instance) -# Functions # +Management Server: +Do the packages get installed properly (repos setup?) +Once installed does database get provisioned +Once database provisioned does UI come up? - Please see `puppet doc -r function` for documentation on each function. The - current list of functions is: +Agent: +Soooo much to test here.....basically does it work. - * getvar - * has\_key - * loadyaml - * merge.rb - * validate\_array - * validate\_bool - * validate\_hash - * validate\_re - * validate\_string - -## validate\_hash ## - - $somehash = { 'one' => 'two' } - validate\_hash($somehash) - -## getvar() ## - -This function aims to look up variables in user-defined namespaces within -puppet. Note, if the namespace is a class, it should already be evaluated -before the function is used. - - $namespace = 'site::data' - include "${namespace}" - $myvar = getvar("${namespace}::myvar") From d9e1685d8b10b830d8307f84905203a80add37a5 Mon Sep 17 00:00:00 2001 From: Eric Shamow Date: Sun, 9 Oct 2011 20:29:34 -0400 Subject: [PATCH 05/49] Removed network stuff from kvmagent for now --- manifests/init.pp | 25 ++++++++++------- manifests/kvmagent.pp | 63 +++++++++++-------------------------------- 2 files changed, 30 insertions(+), 58 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 4d12a69..a466755 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -23,38 +23,43 @@ case $::operatingsystem { /(centos|redhat)/: { - $baseurl = "http://yumrepo/repositories/rhel/$::operatingsystemrelease/stable/oss/", + $baseurl = "http://yumrepo/repositories/rhel/${::operatingsystemrelease}\ + /stable/oss/", } fedora: { $baseurl = 'http://192.168.203.177/foo/', } default: { - fail( "Cloudstack module is only supported on CentOS, RedHat, and Fedora-based systems." + fail( 'Cloudstack module is only supported on CentOS, RedHat, and \ + Fedora-based systems.' } } - yumrepo{ 'Cloudstack': + yumrepo{ 'cloudstack': baseurl => $baseurl, - name => 'CloudStack', enabled => 1, gpgcheck => 0, } - file_line { 'cs_sudo_rule' + file_line { 'cs_sudo_rule': path => '/etc/sudoers', line => 'cloud ALL = NOPASSWD : ALL', } - file { '/etc/hosts': - content => template( 'cloudstack/hosts' ), + host { 'localhost': + ensure => present, + ip => '127.0.0.1', + host_aliases => [ 'localhost.localdomain', $::fqdn, $::hostname ], } - package { wget: ensure => present } ### Not needed after 2.2.9, see bug 11258 + package { 'wget': ensure => present } # Not needed after 2.2.9, see bug 11258 file { '/etc/selinux/config': - source => 'puppet://puppet/cloudstack/config', + source => 'puppet:///modules/cloudstack/config', } - exec { '/usr/sbin/setenforce 0': + + exec { 'disable_selinux': + cmd => '/usr/sbin/setenforce 0', onlyif => '/usr/sbin/getenforce | grep Enforcing', } } diff --git a/manifests/kvmagent.pp b/manifests/kvmagent.pp index 55945f8..2e7d513 100644 --- a/manifests/kvmagent.pp +++ b/manifests/kvmagent.pp @@ -15,62 +15,29 @@ # class cloudstack::kvmagent { include cloudstack - package {cloud-agent : ensure => present, require => Yumrepo[CloudStack], } - exec { "cloud-setup-agent": - creates => "/var/log/cloud/setupAgent.log", - requires => [ Package[cloud-agent], - Package[NetworkManager], - File["/etc/sudoers"], - File["/etc/cloud/agent/agent.properties"] - File["/etc/sysconfig/network-scripts/ifcfg-eth0"], - File["/etc/hosts"], - File["/etc/sysconfig/network"], - File["/etc/resolv.conf"], - Service["network"], - ] + package { 'cloud-agent': + ensure => present, + require => Yumrepo[ 'cloudstack' ], } - - file { "/etc/cloud/agent/agent.properties": - ensure => present, - requires => Package[cloud-agent], - content => template("cloudstack/agent.properties") - } - -######## AGENT NETWORKING SECTION SEE NOTES BEFORE END OF NETWORKING SECTION ############ - - file { "/etc/sysconfig/network-scripts/ifcfg-eth0": - content => template("cloudstack/ifcfg-eth0"), + exec { 'cloud-setup-agent': + creates => '/var/log/cloud/setupAgent.log', + requires => [ + Package[ 'cloud-agent' ], + File[ '/etc/cloud/agent/agent.properties' ], + File_line[ 'cs_sudo_rule' ], + Host[ 'localhost' ], + ], } - service { network: - ensure => running, - enabed => true, - hasstatus => true, ## Is that really true? - requires => [ Package[NetworkManager], File["/etc/sysconfig/network-scripts/ifcfg-eth0"], ] - } - - package { NetworkManager: - ensure => absent, + file { '/etc/cloud/agent/agent.properties': + ensure => present, + requires => Package[ 'cloud-agent' ], + content => template( 'cloudstack/agent.properties' ), } - file { "/etc/sysconfig/network": - content => template("cloudstack/network"), - } - - file { "/etc/resolv.conf": - content => template("cloudstack/resolv.conf"), - } - -### NOTES: This assumes a single NIC (eth0) will be used for CloudStack and ensures that the -### config file is correct syntactically and in place -### If you wish to use more than a single NIC you will need to edit both the agent.properties -### file and add additional ifcfg-ethX files to this configuration. -### - -######### END AGENT NETWORKING ############################################################## ########## Also need to create a agent.properties stanza, and likely need to define From 5d021e8c92f87c36104340684b59b3bac244dc92 Mon Sep 17 00:00:00 2001 From: Eric Shamow Date: Tue, 11 Oct 2011 14:09:24 -0400 Subject: [PATCH 06/49] Testing inclusion of third party iptables and mysql modules --- Modulefile | 4 +- manifests/init.pp | 15 +++--- manifests/kvmagent.pp | 10 ++-- manifests/mgmt.pp | 119 +++++++++++++++++++++--------------------- 4 files changed, 75 insertions(+), 73 deletions(-) diff --git a/Modulefile b/Modulefile index 8a3ac2a..a9065b6 100644 --- a/Modulefile +++ b/Modulefile @@ -8,4 +8,6 @@ description 'Installation and configuration of all CloudStack components' project_page 'https://github.com/puppetlabs/puppetlabs-cloudstack' ## Add dependencies, if any: -dependency 'puppetlabs/stdlib', '>= 2.0.0' \ No newline at end of file +dependency 'puppetlabs/stdlib', '>= 2.0.0' +dependency 'bobsh/iptables', '>= 1.2.0' +dependency 'rocha/mysql' '>= 0.1.0' \ No newline at end of file diff --git a/manifests/init.pp b/manifests/init.pp index a466755..ab07445 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -22,16 +22,17 @@ include cloudstack::params case $::operatingsystem { - /(centos|redhat)/: { - $baseurl = "http://yumrepo/repositories/rhel/${::operatingsystemrelease}\ - /stable/oss/", + /(CentOS|redhat)/: { +# $baseurl = "http://192.168.0.189/yumrepo/repositories/rhel/${::operatingsystemrelease} \ +# /stable/oss/" + $baseurl = "http://192.168.0.189/~eric/cloudstack_repo/" } fedora: { - $baseurl = 'http://192.168.203.177/foo/', + $baseurl = 'http://192.168.203.177/foo/' } default: { fail( 'Cloudstack module is only supported on CentOS, RedHat, and \ - Fedora-based systems.' + Fedora-based systems.' ) } } @@ -59,7 +60,7 @@ } exec { 'disable_selinux': - cmd => '/usr/sbin/setenforce 0', - onlyif => '/usr/sbin/getenforce | grep Enforcing', + command => '/usr/sbin/setenforce 0', + onlyif => '/usr/sbin/getenforce | grep Enforcing', } } diff --git a/manifests/kvmagent.pp b/manifests/kvmagent.pp index 2e7d513..c4fa103 100644 --- a/manifests/kvmagent.pp +++ b/manifests/kvmagent.pp @@ -21,9 +21,9 @@ require => Yumrepo[ 'cloudstack' ], } - exec { 'cloud-setup-agent': + exec { '/usr/bin/cloud-setup-agent': creates => '/var/log/cloud/setupAgent.log', - requires => [ + require => [ Package[ 'cloud-agent' ], File[ '/etc/cloud/agent/agent.properties' ], File_line[ 'cs_sudo_rule' ], @@ -33,9 +33,9 @@ file { '/etc/cloud/agent/agent.properties': - ensure => present, - requires => Package[ 'cloud-agent' ], - content => template( 'cloudstack/agent.properties' ), + ensure => present, + require => Package[ 'cloud-agent' ], + content => template( 'cloudstack/agent.properties' ), } diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index fcf0d98..6426a10 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -1,15 +1,39 @@ +# Class: cloudstack::mgmt +# +# This class builds the CloudStack management node +# +# Parameters: +# +# Actions: +# Install the cloud-client package +# Run cloud-setup-management script only if MySQL is installed and configured +# +# Requires: +# +# Package[ 'sudo' ] + +# Sample Usage: +# This class should not be included directly. It is called from other modules. +# class cloudstack::mgmt { include cloudstack + include mysql::server - package {cloud-client : ensure => present, require => Yumrepo[CloudStack], } + package { 'cloud-client': + ensure => present, + require => Yumrepo[ 'cloudstack' ], + } - exec { "cloud-setup-management": - onlyif => [ "test -e /var/lib/mysql/cloud", - "test -e /etc/sysconfig/cloud-management", - "service cloud-management status |grep -v running" ] - #The last check won't work on systemd, need to come up with some alternative - } -########## Requires the iptables module from: http://github.com/camptocamp/puppet-iptables/ + service { 'cloud-management': + ensure => running, + enable => true, + hasstatus => true, + } + + exec { '/usr/bin/cloud-setup-management': + onlyif => [ '/usr/bin/test -e /etc/sysconfig/cloud-management' ], + require => [ Service[ 'cloud-management' ], Exec[ 'cloud_setup_databases' ] ], + } iptables { "http": proto => "tcp", @@ -41,74 +65,49 @@ jump => "ACCEPT", } - -#################### MYSQL SECTION - can likely be removed if you are using puppet in production and use your own mysql module ######### -# wondering if i should do this as a separate subclass - - package {mysql-server : ensure => present } - - service {mysqld: - name => $operatingsystem? { - default => "mysqld", - ubuntu => "mysql", - }, - ensure => running, - enable => true, - hasstatus => true, - require => Package[mysql-server], - } - - file {"/etc/my.cnf": - source => "puppet://puppet/cloudstack/my.cnf", - notify => Service[mysqld], - } - - exec {"cloud-setup-databases cloud:dbpassword@localhost --deploy-as=root": + exec { 'cloud_setup_databases': + command => "/usr/bin/cloud-setup-databases cloud:dbpassword@localhost --deploy-as=root", creates => "/var/lib/mysql/cloud", } -################## END MYSQL SECTION ################################################################################################### - -################## CloudStack configuration section #################################################################################### - ########## Zone ################ - exec {"curl 'http://localhost:8096/?command=createZone&dns1=8.8.8.8&internaldns1=8.8.8.8&name=Zone1&networktype=Basic'": - onlyif => "curl 'http://localhost:8096/?command=listZones&available=true' | grep -v Zone1" - } +# exec {"curl 'http://localhost:8096/?command=createZone&dns1=8.8.8.8&internaldns1=8.8.8.8&name=Zone1&networktype=Basic'": +# onlyif => "curl 'http://localhost:8096/?command=listZones&available=true' | grep -v Zone1" +# } ########## Pod ################# - exec {"curl 'http://localhost:8096?command=createPod&gateway=192.168.203.1&name=Pod1&netmask=255.255.255.0&startip=192.168.203.200&zoneid=4&endip=192.168.203.230'": - onlyif => [ "curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1", - "curl 'http://localhost:8096/?command=listPods' | grep -v Pod1", - ] - } +# exec {"curl 'http://localhost:8096?command=createPod&gateway=192.168.203.1&name=Pod1&netmask=255.255.255.0&startip=192.168.203.200&zoneid=4&endip=192.168.203.230'": +# onlyif => [ "curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1", +# "curl 'http://localhost:8096/?command=listPods' | grep -v Pod1", +# ] +# } ########## Cluster ############## - exec {"curl 'http://localhost:8096?command=addCluster&clustername=Cluster1&clustertype=CloudManaged&hypervisor=${hvtype}&zoneid=4&podid=1'": - onlyif => ["curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1", - "curl 'http://localhost:8096/?command=listPods' | grep Pod1", - "curl 'http://localhost:8096/?command=listClusters' | grep -v Cluster1", - ] - } +# exec {"curl 'http://localhost:8096?command=addCluster&clustername=Cluster1&clustertype=CloudManaged&hypervisor=${hvtype}&zoneid=4&podid=1'": +# onlyif => ["curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1", +# "curl 'http://localhost:8096/?command=listPods' | grep Pod1", +# "curl 'http://localhost:8096/?command=listClusters' | grep -v Cluster1", +# ] +# } ########## SecStorage ############ ## NOTE: This will take a LONG time to run. Go get a cup of coffee - exec { "mount ${cloudstack::cs_sec_storage_nfs_server}:${cloudstack::cs_sec_storage_mnt_point} /mnt ; - ${cloudstack::system_tmplt_dl_cmd} -m /mnt -u ${cloudstack::sysvm_url_kvm} -h kvm -F ; - curl 'http://localhost:8096/?command=addSecondaryStorage&url=nfs://${cloudstack::cs_sec_storage_nfs_server}${cloudstack::cs_sec_storage_mnt_point}&zoneid=1' ; - touch /var/lib/cloud/ssvm": - onlyif => [ "test ! -e /var/lib/cloud/ssvm", "curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1",] - } +# exec { "mount ${cloudstack::cs_sec_storage_nfs_server}:${cloudstack::cs_sec_storage_mnt_point} /mnt ; +# ${cloudstack::system_tmplt_dl_cmd} -m /mnt -u ${cloudstack::sysvm_url_kvm} -h kvm -F ; +# curl 'http://localhost:8096/?command=addSecondaryStorage&url=nfs://${cloudstack::cs_sec_storage_nfs_server}${cloudstack::cs_sec_storage_mnt_point}&zoneid=1' ; +# touch /var/lib/cloud/ssvm": +# onlyif => [ "test ! -e /var/lib/cloud/ssvm", "curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1",] +# } ########## Primary Storage ######## ### THis needs to add a check for a host to have been added - exec { "curl 'http://localhost:8096/?command=createStoragePool&name=PStorage&url=nfs://${cloudstack::pri_storage_nfs_server}${cloudstack::pri_storage_mnt_point}&zoneid=4&podid=1'": - onlyif => ["curl 'http://localhost:8096/?command=listPods' | grep Pod1", - "curl 'http://localhost:8096/?command=listStoragePools' | grep -v PStorage", - ] - } +# exec { "curl 'http://localhost:8096/?command=createStoragePool&name=PStorage&url=nfs://${cloudstack::pri_storage_nfs_server}${cloudstack::pri_storage_mnt_point}&zoneid=4&podid=1'": +# onlyif => ["curl 'http://localhost:8096/?command=listPods' | grep Pod1", +# "curl 'http://localhost:8096/?command=listStoragePools' | grep -v PStorage", +# ] +# } } From dbcffc640409de006ba8edd933effbfef3622855 Mon Sep 17 00:00:00 2001 From: Eric Shamow Date: Tue, 11 Oct 2011 15:32:24 -0400 Subject: [PATCH 07/49] Redefined zone as defined type, testing --- manifests/mgmt.pp | 85 ++++++++++++++++++++++++--------------------- manifests/params.pp | 3 +- manifests/zone.pp | 29 ++++++++++++++++ 3 files changed, 76 insertions(+), 41 deletions(-) create mode 100644 manifests/zone.pp diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index 6426a10..5891e12 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -6,7 +6,9 @@ # # Actions: # Install the cloud-client package -# Run cloud-setup-management script only if MySQL is installed and configured +# Install cloud database only if MySQL is installed and configured +# Run cloud-setup-management script +# Open appropriate iptables ports # # Requires: # @@ -32,81 +34,86 @@ exec { '/usr/bin/cloud-setup-management': onlyif => [ '/usr/bin/test -e /etc/sysconfig/cloud-management' ], - require => [ Service[ 'cloud-management' ], Exec[ 'cloud_setup_databases' ] ], + require => [ Service[ 'cloud-management' ], + Exec[ 'cloud_setup_databases' ] ], } - iptables { "http": - proto => "tcp", - dport=> "80", - jump => "ACCEPT", + iptables { 'http': + proto => 'tcp', + dport => '80', + jump => 'ACCEPT', } - iptables { "http-alt": - proto => "tcp", - dport=> "8080", - jump => "ACCEPT", + iptables { 'http-alt': + proto => 'tcp', + dport => '8080', + jump => 'ACCEPT', } -# iptables { "port-8096": ###### this is the unauthenticated API interface - should be locked down by default. -# proto => "tcp", -# dport=> "8096", -# jump => "ACCEPT", +###### this is the unauthenticated API interface - should be locked down by default. +# iptables { 'port-8096': +# proto => 'tcp', +# dport=> '8096', +# jump => 'ACCEPT', # } - iptables { "port-8250": ############ Think this is for cpvm, but check for certain. - proto => "tcp", - dport=> "8250", - jump => "ACCEPT", + iptables { 'port-8250': #### Think this is for cpvm, but check for certain. + proto => 'tcp', + dport => '8250', + jump => 'ACCEPT', } - iptables { "port-9090": ####################### find out what this does in cloudstack - proto => "tcp", - dport=> "9090", - jump => "ACCEPT", + iptables { 'port-9090': ############# find out what this does in cloudstack + proto => 'tcp', + dport => '9090', + jump => 'ACCEPT', } exec { 'cloud_setup_databases': - command => "/usr/bin/cloud-setup-databases cloud:dbpassword@localhost --deploy-as=root", - creates => "/var/lib/mysql/cloud", + command => + '/usr/bin/cloud-setup-databases cloud:dbpassword@localhost \ + --deploy-as=root', + creates => '/var/lib/mysql/cloud', } + cloudstack::zone { 'zone1': } ########## Zone ################ -# exec {"curl 'http://localhost:8096/?command=createZone&dns1=8.8.8.8&internaldns1=8.8.8.8&name=Zone1&networktype=Basic'": -# onlyif => "curl 'http://localhost:8096/?command=listZones&available=true' | grep -v Zone1" +# exec {'curl 'http://localhost:8096/?command=createZone&dns1=8.8.8.8&internaldns1=8.8.8.8&name=Zone1&networktype=Basic'': +# onlyif => 'curl 'http://localhost:8096/?command=listZones&available=true' | grep -v Zone1' # } ########## Pod ################# -# exec {"curl 'http://localhost:8096?command=createPod&gateway=192.168.203.1&name=Pod1&netmask=255.255.255.0&startip=192.168.203.200&zoneid=4&endip=192.168.203.230'": -# onlyif => [ "curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1", -# "curl 'http://localhost:8096/?command=listPods' | grep -v Pod1", +# exec {'curl 'http://localhost:8096?command=createPod&gateway=192.168.203.1&name=Pod1&netmask=255.255.255.0&startip=192.168.203.200&zoneid=4&endip=192.168.203.230'': +# onlyif => [ 'curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1', +# 'curl 'http://localhost:8096/?command=listPods' | grep -v Pod1', # ] # } ########## Cluster ############## -# exec {"curl 'http://localhost:8096?command=addCluster&clustername=Cluster1&clustertype=CloudManaged&hypervisor=${hvtype}&zoneid=4&podid=1'": -# onlyif => ["curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1", -# "curl 'http://localhost:8096/?command=listPods' | grep Pod1", -# "curl 'http://localhost:8096/?command=listClusters' | grep -v Cluster1", +# exec {'curl 'http://localhost:8096?command=addCluster&clustername=Cluster1&clustertype=CloudManaged&hypervisor=${hvtype}&zoneid=4&podid=1'': +# onlyif => ['curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1', +# 'curl 'http://localhost:8096/?command=listPods' | grep Pod1', +# 'curl 'http://localhost:8096/?command=listClusters' | grep -v Cluster1', # ] # } ########## SecStorage ############ ## NOTE: This will take a LONG time to run. Go get a cup of coffee -# exec { "mount ${cloudstack::cs_sec_storage_nfs_server}:${cloudstack::cs_sec_storage_mnt_point} /mnt ; +# exec { 'mount ${cloudstack::cs_sec_storage_nfs_server}:${cloudstack::cs_sec_storage_mnt_point} /mnt ; # ${cloudstack::system_tmplt_dl_cmd} -m /mnt -u ${cloudstack::sysvm_url_kvm} -h kvm -F ; # curl 'http://localhost:8096/?command=addSecondaryStorage&url=nfs://${cloudstack::cs_sec_storage_nfs_server}${cloudstack::cs_sec_storage_mnt_point}&zoneid=1' ; -# touch /var/lib/cloud/ssvm": -# onlyif => [ "test ! -e /var/lib/cloud/ssvm", "curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1",] +# touch /var/lib/cloud/ssvm': +# onlyif => [ 'test ! -e /var/lib/cloud/ssvm', 'curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1',] # } ########## Primary Storage ######## ### THis needs to add a check for a host to have been added -# exec { "curl 'http://localhost:8096/?command=createStoragePool&name=PStorage&url=nfs://${cloudstack::pri_storage_nfs_server}${cloudstack::pri_storage_mnt_point}&zoneid=4&podid=1'": -# onlyif => ["curl 'http://localhost:8096/?command=listPods' | grep Pod1", -# "curl 'http://localhost:8096/?command=listStoragePools' | grep -v PStorage", +# exec { 'curl 'http://localhost:8096/?command=createStoragePool&name=PStorage&url=nfs://${cloudstack::pri_storage_nfs_server}${cloudstack::pri_storage_mnt_point}&zoneid=4&podid=1'': +# onlyif => ['curl 'http://localhost:8096/?command=listPods' | grep Pod1', +# 'curl 'http://localhost:8096/?command=listStoragePools' | grep -v PStorage', # ] # } diff --git a/manifests/params.pp b/manifests/params.pp index e6c3cb4..f99fcfe 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -3,9 +3,8 @@ # class cloudstack::params { + $mgmt_port = '8096' $cs_mgmt_server = "192.168.203.177" - $internaldns1 = "192.168.203.1" - $dns1 = "8.8.8.8" $cs_agent_netmask = "255.255.255.0" $cs_sec_storage_nfs_server = "192.168.203.176" $cs_sec_storage_mnt_point = "/secondary" diff --git a/manifests/zone.pp b/manifests/zone.pp new file mode 100644 index 0000000..c516e5a --- /dev/null +++ b/manifests/zone.pp @@ -0,0 +1,29 @@ +# Defined resource type: cloudstack::zone +# +# This defined type is used to identify a CloudStack zone +# +# Parameters: +# +# Actions: +# +# Requires: +# +# +# Sample Usage: +# This class should not be included directly. It is called from other modules. +# +define cloudstack::zone( + $zone_dns='8.8.8.8', + $zone_internal_dns='8.8.8.8', + networktype='Basic' + ) { + $reststring = "\'http://localhost:${cloudstack::params::mgmt_port}/?command\ + =createZone&dns1=${zone_internal_dns}&internaldns1=\ + ${zone_internal_dns}&name=${name}&networktype=\ + ${networktype}\'" + notify { $reststring: } + exec { "curl ${reststring}": + onlyif => "curl \'http://localhost:${cloudstack::params::mgmt_port}/?\ + command=listZones&available=true\' | grep -v ${name}", + } +} \ No newline at end of file From 583f8d3df329671d1ad9e6d3fdcbfe26b7fe8cb1 Mon Sep 17 00:00:00 2001 From: Eric Shamow Date: Tue, 11 Oct 2011 18:09:42 -0400 Subject: [PATCH 08/49] Refactored zone --- manifests/mgmt.pp | 16 +++++++--------- manifests/zone.pp | 26 +++++++++++++++++--------- 2 files changed, 24 insertions(+), 18 deletions(-) diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index 5891e12..e614725 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -21,6 +21,9 @@ include cloudstack include mysql::server + $dbstring = inline_template( "<%= \"/usr/bin/cloud-setup-databases \" + + \"cloud:dbpassword@localhost --deploy-as=root\" %>" ) + package { 'cloud-client': ensure => present, require => Yumrepo[ 'cloudstack' ], @@ -30,10 +33,11 @@ ensure => running, enable => true, hasstatus => true, + require => Package[ 'cloud-client' ], } exec { '/usr/bin/cloud-setup-management': - onlyif => [ '/usr/bin/test -e /etc/sysconfig/cloud-management' ], + unless => [ '/usr/bin/test -e /etc/sysconfig/cloud-management' ], require => [ Service[ 'cloud-management' ], Exec[ 'cloud_setup_databases' ] ], } @@ -70,18 +74,12 @@ } exec { 'cloud_setup_databases': - command => - '/usr/bin/cloud-setup-databases cloud:dbpassword@localhost \ - --deploy-as=root', + command => $dbstring, creates => '/var/lib/mysql/cloud', + require => Service[ 'mysqld' ], } cloudstack::zone { 'zone1': } -########## Zone ################ - -# exec {'curl 'http://localhost:8096/?command=createZone&dns1=8.8.8.8&internaldns1=8.8.8.8&name=Zone1&networktype=Basic'': -# onlyif => 'curl 'http://localhost:8096/?command=listZones&available=true' | grep -v Zone1' -# } ########## Pod ################# diff --git a/manifests/zone.pp b/manifests/zone.pp index c516e5a..3af1bb5 100644 --- a/manifests/zone.pp +++ b/manifests/zone.pp @@ -3,6 +3,9 @@ # This defined type is used to identify a CloudStack zone # # Parameters: +# zone_dns - The external DNS server +# zone_internal_dns - Internal DNS server +# networktype - Network type to use for zone. Valid options are # # Actions: # @@ -10,20 +13,25 @@ # # # Sample Usage: -# This class should not be included directly. It is called from other modules. +# cloudstack::zone { 'samplezone': +# zone_dns => 'myinternaldns', +# } # define cloudstack::zone( $zone_dns='8.8.8.8', $zone_internal_dns='8.8.8.8', networktype='Basic' ) { - $reststring = "\'http://localhost:${cloudstack::params::mgmt_port}/?command\ - =createZone&dns1=${zone_internal_dns}&internaldns1=\ - ${zone_internal_dns}&name=${name}&networktype=\ - ${networktype}\'" - notify { $reststring: } - exec { "curl ${reststring}": - onlyif => "curl \'http://localhost:${cloudstack::params::mgmt_port}/?\ - command=listZones&available=true\' | grep -v ${name}", + $teststring = inline_template( "<%= \"http://localhost:\" + + \"${cloudstack::params::mgmt_port}/?command=listZones&\" + + \"available=true\" %>" ) + $reststring = inline_template( "<%= \"http://localhost:\" + + \"${cloudstack::params::mgmt_port}/?command=createZone&dns1\" + + \"=${zone_internal_dns}&internaldns1=${zone_internal_dns}\" + + \"&name=${name}&networktype=${networktype}\" %>" ) + + exec { "/usr/bin/curl \'${reststring}\'": + onlyif => "/usr/bin/curl \'${teststring}\' | grep -v ${name}", + require => Exec[ 'cloud_setup_databases' ], } } \ No newline at end of file From 35583f3b8f2afc97961e10e6d0aa158f2a802088 Mon Sep 17 00:00:00 2001 From: Eric Shamow Date: Tue, 11 Oct 2011 19:02:55 -0400 Subject: [PATCH 09/49] Created pod --- manifests/mgmt.pp | 18 +++++++++--------- manifests/pod.pp | 40 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 49 insertions(+), 9 deletions(-) create mode 100644 manifests/pod.pp diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index e614725..087ab38 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -79,15 +79,15 @@ require => Service[ 'mysqld' ], } - cloudstack::zone { 'zone1': } - -########## Pod ################# - -# exec {'curl 'http://localhost:8096?command=createPod&gateway=192.168.203.1&name=Pod1&netmask=255.255.255.0&startip=192.168.203.200&zoneid=4&endip=192.168.203.230'': -# onlyif => [ 'curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1', -# 'curl 'http://localhost:8096/?command=listPods' | grep -v Pod1', -# ] -# } + cloudstack::zone { 'zone1': } -> + + cloudstack::pod { 'pod1': + gateway => '192.168.203.1', + netmask => '255.255.255.0', + startip => '192.168.203.200', + endip => '192.168.203.230', + zoneid => '1', + } ########## Cluster ############## diff --git a/manifests/pod.pp b/manifests/pod.pp new file mode 100644 index 0000000..00daa41 --- /dev/null +++ b/manifests/pod.pp @@ -0,0 +1,40 @@ +# Defined resource type: cloudstack::zone +# +# This defined type is used to identify a CloudStack zone +# +# Parameters: +# zone_dns - The external DNS server +# zone_internal_dns - Internal DNS server +# networktype - Network type to use for zone. Valid options are +# +# Actions: +# +# Requires: +# +# +# Sample Usage: +# cloudstack::zone { 'samplezone': +# zone_dns => 'myinternaldns', +# } +# +define cloudstack::pod( + $gateway, + $netmask, + $startip, + $endip, + $zoneid + ) { + #### NEED TO VERIFY THAT ZONEID IS VALID! + $teststring = inline_template( "<%= \"http://localhost:\" + + \"${cloudstack::params::mgmt_port}/?command=listPods&\" + + \"available=true\" %>" ) + $reststring = inline_template( "<%= \"http://localhost:\" + + \"${cloudstack::params::mgmt_port}/?command=createPod&\" + + \"gateway=${gateway}&name=${name}&netmask=${netmask}&\" + + \"startip=${startip}&endip=${endip}&zoneid=${zoneid}\" %>" ) + + exec { "/usr/bin/curl \'${reststring}\'": + onlyif => "/usr/bin/curl \'${teststring}\' | grep -v ${name}", + require => Exec[ 'cloud_setup_databases' ], + } +} \ No newline at end of file From 3b4ea8b8cc9dcc457f590028e6cdfd802375284a Mon Sep 17 00:00:00 2001 From: Eric Shamow Date: Tue, 11 Oct 2011 21:08:59 -0400 Subject: [PATCH 10/49] Moved declaration code into test manifest --- manifests/cluster.pp | 48 ++++++++++++++++++++++++++++++++++++++++++++ manifests/mgmt.pp | 20 +----------------- manifests/pod.pp | 10 ++++++--- 3 files changed, 56 insertions(+), 22 deletions(-) create mode 100644 manifests/cluster.pp diff --git a/manifests/cluster.pp b/manifests/cluster.pp new file mode 100644 index 0000000..a1e7b4c --- /dev/null +++ b/manifests/cluster.pp @@ -0,0 +1,48 @@ +# Defined resource type: cloudstack::zone +# +# This defined type is used to identify a CloudStack zone +# +# Parameters: +# zone_dns - The external DNS server +# zone_internal_dns - Internal DNS server +# networktype - Network type to use for zone. Valid options are +# +# Actions: +# +# Requires: +# +# +# Sample Usage: +# cloudstack::zone { 'samplezone': +# zone_dns => 'myinternaldns', +# } +# +define cloudstack::cluster( + $clustertype = 'CloudManaged', + $hypervisor = $hvtype, + $zoneid, + $podid + ) { + #### NEED TO VERIFY THAT ZONEID AND PODID ARE VALID! + $teststring_zone = inline_template( "<%= \"http://localhost:\" + + \"${cloudstack::params::mgmt_port}/?command=listZones&\" + + \"available=true\" %>" ) + $teststring_pod = inline_template( "<%= \"http://localhost:\" + + \"${cloudstack::params::mgmt_port}/?command=listPods&\" + + \"available=true\" %>" ) + $teststring_cluster = inline_template( "<%= \"http://localhost:\" + + \"${cloudstack::params::mgmt_port}/?command=listClusters&\" + + \"available=true\" %>" ) + $reststring = inline_template( "<%= \"http://localhost:\" + + \"${cloudstack::params::mgmt_port}/?command=addCluster&\" + + \"clustername=${name}&clustertype=${clustertype}&\" + + \"hypervisor=${hypervisor}&zoneid=${zoneid$}&\" + + \"podid=${podid}\" %>" ) + + exec { "/usr/bin/curl \'${reststring}\'": + onlyif => [ "/usr/bin/curl \'${teststring_zone}\' | grep ${zoneid}", + "/usr/bin/curl \'${teststring_pod}\' | grep ${podid}", + "/usr/bin/curl \'${teststring_cluster}\' | grep -v ${cluster}" ] + require => Exec[ 'cloud_setup_databases' ], + } +} \ No newline at end of file diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index 087ab38..139fa26 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -79,25 +79,7 @@ require => Service[ 'mysqld' ], } - cloudstack::zone { 'zone1': } -> - - cloudstack::pod { 'pod1': - gateway => '192.168.203.1', - netmask => '255.255.255.0', - startip => '192.168.203.200', - endip => '192.168.203.230', - zoneid => '1', - } - -########## Cluster ############## - -# exec {'curl 'http://localhost:8096?command=addCluster&clustername=Cluster1&clustertype=CloudManaged&hypervisor=${hvtype}&zoneid=4&podid=1'': -# onlyif => ['curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1', -# 'curl 'http://localhost:8096/?command=listPods' | grep Pod1', -# 'curl 'http://localhost:8096/?command=listClusters' | grep -v Cluster1', -# ] -# } - +} ########## SecStorage ############ ## NOTE: This will take a LONG time to run. Go get a cup of coffee # exec { 'mount ${cloudstack::cs_sec_storage_nfs_server}:${cloudstack::cs_sec_storage_mnt_point} /mnt ; diff --git a/manifests/pod.pp b/manifests/pod.pp index 00daa41..9ac84ef 100644 --- a/manifests/pod.pp +++ b/manifests/pod.pp @@ -24,8 +24,10 @@ $endip, $zoneid ) { - #### NEED TO VERIFY THAT ZONEID IS VALID! - $teststring = inline_template( "<%= \"http://localhost:\" + + $teststring_zone = inline_template( "<%= \"http://localhost:\" + + \"${cloudstack::params::mgmt_port}/?command=listZones&\" + + \"available=true\" %>" ) + $teststring_pod = inline_template( "<%= \"http://localhost:\" + \"${cloudstack::params::mgmt_port}/?command=listPods&\" + \"available=true\" %>" ) $reststring = inline_template( "<%= \"http://localhost:\" + @@ -34,7 +36,9 @@ \"startip=${startip}&endip=${endip}&zoneid=${zoneid}\" %>" ) exec { "/usr/bin/curl \'${reststring}\'": - onlyif => "/usr/bin/curl \'${teststring}\' | grep -v ${name}", + unless => [ + "/usr/bin/curl \'${teststring_zone}\' | grep ${zoneid}", + "/usr/bin/curl \'${teststring_pod}\' | grep -v ${pod}", ], require => Exec[ 'cloud_setup_databases' ], } } \ No newline at end of file From a79b55f338f193f1ab7886fca3b3977481668c69 Mon Sep 17 00:00:00 2001 From: Eric Shamow Date: Tue, 11 Oct 2011 21:09:06 -0400 Subject: [PATCH 11/49] Moved declaration code into test manifest --- tests/init.pp | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 tests/init.pp diff --git a/tests/init.pp b/tests/init.pp new file mode 100644 index 0000000..5407152 --- /dev/null +++ b/tests/init.pp @@ -0,0 +1,18 @@ +include cloudstack::mgmt + +cloudstack::zone { 'zone1': } -> + +cloudstack::pod { 'pod1': + gateway => '192.168.203.1', + netmask => '255.255.255.0', + startip => '192.168.203.200', + endip => '192.168.203.230', + zoneid => '1', +} + +cloudstack::cluster { 'cluster1': + clustertype => 'CloudManaged', + hypervisor => $hvtype, + zoneid => '1', + podid => '1', +} From a63032dc57ba4371379d6386b259c1d5c585188d Mon Sep 17 00:00:00 2001 From: David Nalley Date: Thu, 8 Dec 2011 15:25:06 -0500 Subject: [PATCH 12/49] setting resources to purge so that we don't have to worry about IPv6 entries in host file breaking mysql or cs install --- manifests/init.pp | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/manifests/init.pp b/manifests/init.pp index ab07445..74a810e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -21,6 +21,12 @@ class cloudstack { include cloudstack::params + + resources hosts { + name => "hosts", + purge => true, + } + case $::operatingsystem { /(CentOS|redhat)/: { # $baseurl = "http://192.168.0.189/yumrepo/repositories/rhel/${::operatingsystemrelease} \ From e5a390b24780acb98a6a80050add8c793425c53a Mon Sep 17 00:00:00 2001 From: David Nalley Date: Thu, 8 Dec 2011 15:46:08 -0500 Subject: [PATCH 13/49] reordering so that execs are all in one place - changing from iptables module to puppet-firewall --- Modulefile | 4 ++-- manifests/mgmt.pp | 60 +++++++++++++++++++++++++++++++++-------------- 2 files changed, 45 insertions(+), 19 deletions(-) diff --git a/Modulefile b/Modulefile index a9065b6..1092e00 100644 --- a/Modulefile +++ b/Modulefile @@ -9,5 +9,5 @@ project_page 'https://github.com/puppetlabs/puppetlabs-cloudstack' ## Add dependencies, if any: dependency 'puppetlabs/stdlib', '>= 2.0.0' -dependency 'bobsh/iptables', '>= 1.2.0' -dependency 'rocha/mysql' '>= 0.1.0' \ No newline at end of file +dependency 'puppetlabs/firewall', '>= 0.0.4' +dependency 'rocha/mysql' '>= 0.1.0' diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index 139fa26..ff415fe 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -42,42 +42,68 @@ Exec[ 'cloud_setup_databases' ] ], } - iptables { 'http': + exec { 'cloud_setup_databases': + command => $dbstring, + creates => '/var/lib/mysql/cloud', + require => Service[ 'mysqld' ], + } + +###################################################### +############ firewall section ######################## +###################################################### + + firewall { '000 allow packets with valid state': + state => ['RELATED', 'ESTABLISHED'], + jump => 'ACCEPT', + } + firewall { '001 allow icmp': + proto => 'icmp', + jump => 'ACCEPT', + } + firewall { '002 allow all to lo interface': + iniface => 'lo', + jump => 'ACCEPT', + } + + firewall { '003 allow port 80 in': proto => 'tcp', dport => '80', - jump => 'ACCEPT', + jump => 'ACCEPT', } - iptables { 'http-alt': + firewall { '100 allow ssh': + proto => 'tcp', + dport => '22', + jump => 'ACCEPT', + } + + firewall { '120 permit 8080 - web interface': proto => 'tcp', dport => '8080', - jump => 'ACCEPT', + jump => 'ACCEPT', } -###### this is the unauthenticated API interface - should be locked down by default. -# iptables { 'port-8096': -# proto => 'tcp', -# dport=> '8096', -# jump => 'ACCEPT', -# } +###### this is the unauthed API interface - should be locked down by default. +# firewall { '130 permit unauthed API': +# proto => 'tcp', +# dport => '8096', +# jump => 'ACCEPT', +# } +# - iptables { 'port-8250': #### Think this is for cpvm, but check for certain. + + firewall { 'port-8250 the CPVM port': #### Think this is for cpvm, but check for certain. proto => 'tcp', dport => '8250', jump => 'ACCEPT', } - iptables { 'port-9090': ############# find out what this does in cloudstack + firewall { 'port-9090': ############# find out what this does in cloudstack proto => 'tcp', dport => '9090', jump => 'ACCEPT', } - exec { 'cloud_setup_databases': - command => $dbstring, - creates => '/var/lib/mysql/cloud', - require => Service[ 'mysqld' ], - } } ########## SecStorage ############ From 4172fc7b0c22791c2e05453902d4a033974571fa Mon Sep 17 00:00:00 2001 From: David Nalley Date: Thu, 8 Dec 2011 16:30:41 -0500 Subject: [PATCH 14/49] cleaning up kvmagent a bit more --- manifests/kvmagent.pp | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/manifests/kvmagent.pp b/manifests/kvmagent.pp index c4fa103..eb48e6d 100644 --- a/manifests/kvmagent.pp +++ b/manifests/kvmagent.pp @@ -21,6 +21,17 @@ require => Yumrepo[ 'cloudstack' ], } + package { 'NetworkManager': + ensure => absent; + } + + service { 'network': + ensure => running, + enabled => true, + hasstatus => true, + requires => Package[ 'cloud-agent' ], + } + exec { '/usr/bin/cloud-setup-agent': creates => '/var/log/cloud/setupAgent.log', require => [ @@ -40,17 +51,10 @@ -########## Also need to create a agent.properties stanza, and likely need to define -########## IP address or name for management server - and do agent.properties as a template. -############ Need to do something that will take care of IP configuration ############ Need to do something that will take care of KVM - make sure module is loaded - need to define what tests cloud-setup-agent actually runs to test for KVM and ensure that we do those tests as well, and rectify if needed (do a reboot?? ) ### Need to handle hostname addition as well - and probably a def gw and ensuring that DNS is set since -### we are so backwards as to not use DHCP -### IP Address thoughts: -### Use a template based on /etc/sysconfig/ifcfg-ethX -### By default only specify eth0, with liberal commenting about what to do in the event of needing to change our simple configuration (e.g. edit agent.properites, add additional network config, etc. ### Require network to be enable ### Require NetworkManager be disabled (Is it installed by default, do we need to do a case?, perhaps we 'ensure absent') ### Make sure we cycle network after deploying a ifcfg. From 2e344b6b95c4ee57075a3f19a68f48df0692f95c Mon Sep 17 00:00:00 2001 From: David Nalley Date: Thu, 8 Dec 2011 17:24:06 -0500 Subject: [PATCH 15/49] moving core firewall rules to init.pp --- manifests/init.pp | 21 +++++++++++++++++++++ manifests/mgmt.pp | 17 ----------------- 2 files changed, 21 insertions(+), 17 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 74a810e..f962a79 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -70,3 +70,24 @@ onlyif => '/usr/sbin/getenforce | grep Enforcing', } } + + +################ base firewall ############################ +# + + firewall { '000 allow packets with valid state': + state => ['RELATED', 'ESTABLISHED'], + jump => 'ACCEPT', + } + firewall { '001 allow icmp': + proto => 'icmp', + jump => 'ACCEPT', + } + firewall { '002 allow all to lo interface': + iniface => 'lo', + jump => 'ACCEPT', + + firewall { '003 allow ssh': + dport => '22', + proto => 'tcp', + } diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index ff415fe..6713dab 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -52,18 +52,6 @@ ############ firewall section ######################## ###################################################### - firewall { '000 allow packets with valid state': - state => ['RELATED', 'ESTABLISHED'], - jump => 'ACCEPT', - } - firewall { '001 allow icmp': - proto => 'icmp', - jump => 'ACCEPT', - } - firewall { '002 allow all to lo interface': - iniface => 'lo', - jump => 'ACCEPT', - } firewall { '003 allow port 80 in': proto => 'tcp', @@ -71,11 +59,6 @@ jump => 'ACCEPT', } - firewall { '100 allow ssh': - proto => 'tcp', - dport => '22', - jump => 'ACCEPT', - } firewall { '120 permit 8080 - web interface': proto => 'tcp', From ba533cdd2fc3ee72ee96dfcec9a63a193afa9eac Mon Sep 17 00:00:00 2001 From: David Nalley Date: Thu, 8 Dec 2011 17:35:43 -0500 Subject: [PATCH 16/49] adding the appropriate firewall ports to kvmagent --- manifests/init.pp | 2 +- manifests/kvmagent.pp | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index f962a79..0f37e46 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -56,7 +56,7 @@ host { 'localhost': ensure => present, ip => '127.0.0.1', - host_aliases => [ 'localhost.localdomain', $::fqdn, $::hostname ], + host_aliases => [ $::fqdn, 'localhost.localdomain', $::hostname ], } package { 'wget': ensure => present } # Not needed after 2.2.9, see bug 11258 diff --git a/manifests/kvmagent.pp b/manifests/kvmagent.pp index eb48e6d..20cfdf3 100644 --- a/manifests/kvmagent.pp +++ b/manifests/kvmagent.pp @@ -49,6 +49,27 @@ content => template( 'cloudstack/agent.properties' ), } +################## Firewall stuff ######################### +# + + firewall { "first range": + proto => 'tcp', + dport => '49152-49216', + jump => 'ACCEPT', + } + + firewall { " 191 VNC rules": + proto => 'tcp', + dport => '5900-6100', + jump => 'ACCEPT', + } + + firewall { " 192 port 16509": + proto => 'tcp', + dport => '16509', + jump => 'accept', + } + ############ Need to do something that will take care of KVM - make sure module is loaded - need to define what tests cloud-setup-agent actually runs to test for KVM and ensure that we do those tests as well, and rectify if needed (do a reboot?? ) From 9fcd683b0f0b3356cbe42a8864769f21f1152dd5 Mon Sep 17 00:00:00 2001 From: David Nalley Date: Thu, 8 Dec 2011 17:44:49 -0500 Subject: [PATCH 17/49] foo --- manifests/zone.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/zone.pp b/manifests/zone.pp index 3af1bb5..80091e4 100644 --- a/manifests/zone.pp +++ b/manifests/zone.pp @@ -34,4 +34,4 @@ onlyif => "/usr/bin/curl \'${teststring}\' | grep -v ${name}", require => Exec[ 'cloud_setup_databases' ], } -} \ No newline at end of file +} From 7bbd4033e4d098410fcfe9851005da8d8eb620a0 Mon Sep 17 00:00:00 2001 From: David Nalley Date: Thu, 8 Dec 2011 17:47:32 -0500 Subject: [PATCH 18/49] fixing the README --- README.markdown | 20 +++++--------------- 1 file changed, 5 insertions(+), 15 deletions(-) diff --git a/README.markdown b/README.markdown index 972c6c9..1d00935 100644 --- a/README.markdown +++ b/README.markdown @@ -1,25 +1,15 @@ +* cloudstack-puppet + This is the CloudStack puppet manifest. The original location for this is: -https://gitorious.org/cloudstack-puppet - +https://github.com/cloudstack/cloudstack-puppet -To the extent that this manifest is copyrightable (and that is questionable, as configurations generally aren't) it is licensed under the GPLv3 or at your option any later version. +Original content herein licensed under the Apache 2.0 license. For problems or help, please send messages on: https://lists.sourceforge.net/lists/listinfo/cloudstack-devel -Test Plan: -So this should start from easiest submodules to most complex. -So I am testing in this order: - -NFS server: -(Can I successfully add primary and secondary storage to an existing cloudstack instance) +This is still not yet ready for primetime. -Management Server: -Do the packages get installed properly (repos setup?) -Once installed does database get provisioned -Once database provisioned does UI come up? -Agent: -Soooo much to test here.....basically does it work. From 9414f0d9345888fcc0b2e63f1a7b66fdc8515a49 Mon Sep 17 00:00:00 2001 From: David Nalley Date: Sat, 11 Feb 2012 18:18:22 -0500 Subject: [PATCH 19/49] adding support for scientific linux --- manifests/init.pp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 0f37e46..5a2a6ac 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -22,13 +22,13 @@ include cloudstack::params - resources hosts { + resources { 'hosts': name => "hosts", purge => true, } case $::operatingsystem { - /(CentOS|redhat)/: { + /(CentOS|redhat|Scientific)/: { # $baseurl = "http://192.168.0.189/yumrepo/repositories/rhel/${::operatingsystemrelease} \ # /stable/oss/" $baseurl = "http://192.168.0.189/~eric/cloudstack_repo/" @@ -37,8 +37,7 @@ $baseurl = 'http://192.168.203.177/foo/' } default: { - fail( 'Cloudstack module is only supported on CentOS, RedHat, and \ - Fedora-based systems.' ) + fail( 'Cloudstack module is only supported on CentOS, RedHat, and Fedora-based systems.' ) } } @@ -86,6 +85,7 @@ firewall { '002 allow all to lo interface': iniface => 'lo', jump => 'ACCEPT', + } firewall { '003 allow ssh': dport => '22', From 8ffd69c196a4671427132c0dc11c24527f7d04c1 Mon Sep 17 00:00:00 2001 From: David Nalley Date: Sat, 11 Feb 2012 18:20:09 -0500 Subject: [PATCH 20/49] fixing a syntax issue --- manifests/init.pp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/manifests/init.pp b/manifests/init.pp index 5a2a6ac..be58efc 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -91,3 +91,5 @@ dport => '22', proto => 'tcp', } + +} From 098f1d4d9efeb5849f354cdc1aac24b0ca69e2cc Mon Sep 17 00:00:00 2001 From: David Nalley Date: Sat, 11 Feb 2012 18:23:35 -0500 Subject: [PATCH 21/49] fixing another syntax issue --- manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index be58efc..7913dce 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -68,7 +68,7 @@ command => '/usr/sbin/setenforce 0', onlyif => '/usr/sbin/getenforce | grep Enforcing', } -} + ################ base firewall ############################ From d17cea54f8121dfe2e166f25f216bfd63d5bd316 Mon Sep 17 00:00:00 2001 From: David Nalley Date: Sat, 11 Feb 2012 18:42:13 -0500 Subject: [PATCH 22/49] fixing lots of syntax issues --- manifests/init.pp | 12 ++++-------- manifests/mgmt.pp | 16 ++++++++-------- 2 files changed, 12 insertions(+), 16 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 7913dce..8f4b956 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -22,8 +22,8 @@ include cloudstack::params - resources { 'hosts': - name => "hosts", + resources { 'host': + name => "host", purge => true, } @@ -74,17 +74,13 @@ ################ base firewall ############################ # - firewall { '000 allow packets with valid state': - state => ['RELATED', 'ESTABLISHED'], - jump => 'ACCEPT', - } firewall { '001 allow icmp': proto => 'icmp', - jump => 'ACCEPT', + action => 'accept', } firewall { '002 allow all to lo interface': iniface => 'lo', - jump => 'ACCEPT', + action => 'accept', } firewall { '003 allow ssh': diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index 6713dab..2d8c795 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -56,35 +56,35 @@ firewall { '003 allow port 80 in': proto => 'tcp', dport => '80', - jump => 'ACCEPT', + jump => 'accept', } firewall { '120 permit 8080 - web interface': proto => 'tcp', dport => '8080', - jump => 'ACCEPT', + jump => 'accept', } ###### this is the unauthed API interface - should be locked down by default. # firewall { '130 permit unauthed API': # proto => 'tcp', # dport => '8096', -# jump => 'ACCEPT', +# jump => 'accept', # } # - firewall { 'port-8250 the CPVM port': #### Think this is for cpvm, but check for certain. + firewall { '8250 CPVM': #### Think this is for cpvm, but check for certain. proto => 'tcp', dport => '8250', - jump => 'ACCEPT', + action => 'accept', } - firewall { 'port-9090': ############# find out what this does in cloudstack + firewall { '9090 unk port': ############# find out what this does in cloudstack proto => 'tcp', dport => '9090', - jump => 'ACCEPT', + action => 'accept', } @@ -106,4 +106,4 @@ # ] # } -} + From ef37efb8d30f52d019d8dfcffe3c60fc48a4df93 Mon Sep 17 00:00:00 2001 From: David Nalley Date: Sun, 16 Dec 2012 00:09:08 -0500 Subject: [PATCH 23/49] adding the 4.0 yum repo, making mysql less of a requirement. --- manifests/init.pp | 15 +-------------- manifests/mgmt.pp | 20 ++++++++++++++++++-- 2 files changed, 19 insertions(+), 16 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 8f4b956..9369296 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -27,22 +27,9 @@ purge => true, } - case $::operatingsystem { - /(CentOS|redhat|Scientific)/: { -# $baseurl = "http://192.168.0.189/yumrepo/repositories/rhel/${::operatingsystemrelease} \ -# /stable/oss/" - $baseurl = "http://192.168.0.189/~eric/cloudstack_repo/" - } - fedora: { - $baseurl = 'http://192.168.203.177/foo/' - } - default: { - fail( 'Cloudstack module is only supported on CentOS, RedHat, and Fedora-based systems.' ) - } - } yumrepo{ 'cloudstack': - baseurl => $baseurl, + baseurl => 'git@github.com:ke4qqq/puppet-cloudstack.git' enabled => 1, gpgcheck => 0, } diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index 2d8c795..a68033b 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -19,10 +19,26 @@ # class cloudstack::mgmt { include cloudstack - include mysql::server +# include mysql::server ### We really want to specify this - but in the absence of this + +########### MYSQL section ######### + package { 'mysql-server': + ensure => present, + } + + service { 'mysqld': + ensure => running, + enable => true, + hasstatus => true, + require => Package[ 'mysql-server' ], + } + +######### END MYSQL ##################################### $dbstring = inline_template( "<%= \"/usr/bin/cloud-setup-databases \" + \"cloud:dbpassword@localhost --deploy-as=root\" %>" ) +########### If you are using a separate database or different passwords, change it above + package { 'cloud-client': ensure => present, @@ -33,7 +49,7 @@ ensure => running, enable => true, hasstatus => true, - require => Package[ 'cloud-client' ], + require => [Package[ 'cloud-client' ], Service[ 'mysqld' ] ], } exec { '/usr/bin/cloud-setup-management': From 3857be3041e1b5e279571b4d6b0fd929fbcdb26d Mon Sep 17 00:00:00 2001 From: Kris Buytaert Date: Wed, 3 Jul 2013 17:06:07 +0200 Subject: [PATCH 24/49] Pointed repo to correct location, renamed some services to map 4.1 --- manifests/init.pp | 3 ++- manifests/mgmt.pp | 22 +++++++++++----------- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 9369296..b11c272 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -29,7 +29,8 @@ yumrepo{ 'cloudstack': - baseurl => 'git@github.com:ke4qqq/puppet-cloudstack.git' + baseurl => 'http://cloudstack.apt-get.eu/rhel/4.1/', + # baseurl => 'http://cloudstack.apt-get.eu/rhel/4.0/', enabled => 1, gpgcheck => 0, } diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index a68033b..ea9f3f8 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -35,30 +35,30 @@ ######### END MYSQL ##################################### - $dbstring = inline_template( "<%= \"/usr/bin/cloud-setup-databases \" + + $dbstring = inline_template( "<%= \"/usr/bin/cloudstack-setup-databases \" + \"cloud:dbpassword@localhost --deploy-as=root\" %>" ) ########### If you are using a separate database or different passwords, change it above - package { 'cloud-client': + package { 'cloudstack-management': ensure => present, require => Yumrepo[ 'cloudstack' ], } - service { 'cloud-management': + service { 'cloudstack-management': ensure => running, enable => true, hasstatus => true, - require => [Package[ 'cloud-client' ], Service[ 'mysqld' ] ], + require => [Package[ 'cloudstack-management' ], Service[ 'mysqld' ] ], } - exec { '/usr/bin/cloud-setup-management': - unless => [ '/usr/bin/test -e /etc/sysconfig/cloud-management' ], - require => [ Service[ 'cloud-management' ], - Exec[ 'cloud_setup_databases' ] ], + exec { '/usr/bin/cloudstack-setup-management': + unless => [ '/usr/bin/test -e /etc/sysconfig/cloudstack-management' ], + require => [ Service[ 'cloudstack-management' ], + Exec[ 'cloudstack_setup_databases' ] ], } - exec { 'cloud_setup_databases': + exec { 'cloudstack_setup_databases': command => $dbstring, creates => '/var/lib/mysql/cloud', require => Service[ 'mysqld' ], @@ -72,14 +72,14 @@ firewall { '003 allow port 80 in': proto => 'tcp', dport => '80', - jump => 'accept', + action => 'accept', } firewall { '120 permit 8080 - web interface': proto => 'tcp', dport => '8080', - jump => 'accept', + action => 'accept', } ###### this is the unauthed API interface - should be locked down by default. From 1d1412f08d4743158ccaf7c09f3c0c3b55b5e8ce Mon Sep 17 00:00:00 2001 From: Kris Buytaert Date: Wed, 3 Jul 2013 17:10:24 +0200 Subject: [PATCH 25/49] Making puppet-lint happy --- manifests/mgmt.pp | 47 +++++++++++++++++++++++------------------------ 1 file changed, 23 insertions(+), 24 deletions(-) diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index ea9f3f8..fd4ae8a 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -26,12 +26,12 @@ ensure => present, } - service { 'mysqld': - ensure => running, - enable => true, + service { 'mysqld': + ensure => running, + enable => true, hasstatus => true, - require => Package[ 'mysql-server' ], - } + require => Package[ 'mysql-server' ], + } ######### END MYSQL ##################################### @@ -48,14 +48,14 @@ service { 'cloudstack-management': ensure => running, enable => true, - hasstatus => true, + hasstatus => true, require => [Package[ 'cloudstack-management' ], Service[ 'mysqld' ] ], } exec { '/usr/bin/cloudstack-setup-management': unless => [ '/usr/bin/test -e /etc/sysconfig/cloudstack-management' ], - require => [ Service[ 'cloudstack-management' ], - Exec[ 'cloudstack_setup_databases' ] ], + require => [ Service[ 'cloudstack-management' ], + Exec[ 'cloudstack_setup_databases' ] ], } exec { 'cloudstack_setup_databases': @@ -70,45 +70,44 @@ firewall { '003 allow port 80 in': - proto => 'tcp', - dport => '80', + proto => 'tcp', + dport => '80', action => 'accept', } firewall { '120 permit 8080 - web interface': - proto => 'tcp', - dport => '8080', + proto => 'tcp', + dport => '8080', action => 'accept', } -###### this is the unauthed API interface - should be locked down by default. +###### this is the unauthed API interface - should be locked down by default. # firewall { '130 permit unauthed API': # proto => 'tcp', # dport => '8096', -# jump => 'accept', +# jump => 'accept', # } # - firewall { '8250 CPVM': #### Think this is for cpvm, but check for certain. - proto => 'tcp', - dport => '8250', - action => 'accept', + proto => 'tcp', + dport => '8250', + action => 'accept', } firewall { '9090 unk port': ############# find out what this does in cloudstack - proto => 'tcp', - dport => '9090', - action => 'accept', + proto => 'tcp', + dport => '9090', + action => 'accept', } } ########## SecStorage ############ ## NOTE: This will take a LONG time to run. Go get a cup of coffee -# exec { 'mount ${cloudstack::cs_sec_storage_nfs_server}:${cloudstack::cs_sec_storage_mnt_point} /mnt ; -# ${cloudstack::system_tmplt_dl_cmd} -m /mnt -u ${cloudstack::sysvm_url_kvm} -h kvm -F ; +# exec { 'mount ${cloudstack::cs_sec_storage_nfs_server}:${cloudstack::cs_sec_storage_mnt_point} /mnt ; +# ${cloudstack::system_tmplt_dl_cmd} -m /mnt -u ${cloudstack::sysvm_url_kvm} -h kvm -F ; # curl 'http://localhost:8096/?command=addSecondaryStorage&url=nfs://${cloudstack::cs_sec_storage_nfs_server}${cloudstack::cs_sec_storage_mnt_point}&zoneid=1' ; # touch /var/lib/cloud/ssvm': # onlyif => [ 'test ! -e /var/lib/cloud/ssvm', 'curl 'http://localhost:8096/?command=listZones&available=true' | grep Zone1',] @@ -118,7 +117,7 @@ ### THis needs to add a check for a host to have been added # exec { 'curl 'http://localhost:8096/?command=createStoragePool&name=PStorage&url=nfs://${cloudstack::pri_storage_nfs_server}${cloudstack::pri_storage_mnt_point}&zoneid=4&podid=1'': # onlyif => ['curl 'http://localhost:8096/?command=listPods' | grep Pod1', -# 'curl 'http://localhost:8096/?command=listStoragePools' | grep -v PStorage', +# 'curl 'http://localhost:8096/?command=listStoragePools' | grep -v PStorage', # ] # } From 7839cde2042a98a6132e9011b160cd1ae9afb118 Mon Sep 17 00:00:00 2001 From: Kris Buytaert Date: Thu, 4 Jul 2013 09:47:45 +0200 Subject: [PATCH 26/49] Tomcat Changes --- manifests/mgmt.pp | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index fd4ae8a..02e07dc 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -64,6 +64,29 @@ require => Service[ 'mysqld' ], } + + ###################################################### + ############## tomcat section ######################## + ###################################################### + + + file { '/etc/cloudstack/management/tomcat6.conf': + ensure => 'link', + group => '0', + mode => '0777', + owner => '0', + target => 'tomcat6-nonssl.conf', + } + + file { '/usr/share/cloudstack-management/conf/server.xml': + ensure => 'link', + group => '0', + mode => '0777', + owner => '0', + target => 'server-nonssl.xml', + } + + ###################################################### ############ firewall section ######################## ###################################################### From ce4f88d6ea273bdcaa8316f499de231f966cbd95 Mon Sep 17 00:00:00 2001 From: Kris Buytaert Date: Thu, 4 Jul 2013 10:43:48 +0200 Subject: [PATCH 27/49] nfs-common now actually is usable --- manifests/nfs-common.pp | 131 ++++++++++++++++++++-------------------- 1 file changed, 67 insertions(+), 64 deletions(-) diff --git a/manifests/nfs-common.pp b/manifests/nfs-common.pp index 5d71edc..d8b901a 100644 --- a/manifests/nfs-common.pp +++ b/manifests/nfs-common.pp @@ -1,106 +1,109 @@ -class cloudstack::nfs-common { -#this subclass provides NFS for primary and secondary storage on a single machine. -#this is not production quality - but useful for a POC/demo/dev/test environment. -#you will either want to significantly alter or use your own nfs class + class cloudstack::nfs-common { + # this subclass provides NFS for primary and secondary storage + # on a single machine. this is not production quality - but useful + # for a POC/demo/dev/test environment. + #you will either want to significantly alter or use your own nfs class include cloudstack - package {nfs-utils: ensure => present} + package {'nfs-utils': + ensure => present + } - service {nfs: - ensure => running, - enable => true, + service {'nfs': + ensure => running, + enable => true, hasstatus => true, - require => [ Service[rpcbind], File["/primary"], File["/secondary"] ], + require => [ Service[rpcbind], File['/primary'], File['/secondary'] ], } - service {rpcbind: - ensure => running, - enable => true, + service {'rpcbind': + ensure => running, + enable => true, hasstatus => true, } - file {"/primary": + file {'/primary': ensure => directory, - mode => 777, + mode => '0777', } - file {"/secondary": + file {'/secondary': ensure => directory, - mode => 777, + mode => '0777', } - file {"/etc/sysconfig/nfs": - source => "puppet://puppet/cloudstack/nfs", + file {'/etc/sysconfig/nfs': + source => 'puppet:///modules/cloudstack/nfs', notify => Service[nfs], } - file {"/etc/exports": - source => "puppet://puppet/cloudstack/exports", + file {'/etc/exports': + source => 'puppet:///modules/cloudstack/exports', notify => Service[nfs], } - iptables {"udp111": - proto => "udp", - dport=> "111", - jump => "ACCEPT", + firewall {'111 udp': + proto => 'udp', + dport => '111', + action => 'accept', } - iptables {"tcp111": - proto => "tcp", - dport => "111", - jump => "ACCEPT", + firewall {'111 tcp': + proto => 'tcp', + dport => '111', + action => 'accept', } - iptables {"tcp2049": - proto => "tcp", - dport => "2049", - jump => "ACCEPT", + firewall {'2049 tcp': + proto => 'tcp', + dport => '2049', + action => 'accept', } - iptables {"tcp32803": - proto => "tcp", - dport => "32803", - jump => "ACCEPT", + firewall {'32803 tcp': + proto => 'tcp', + dport => '32803', + action => 'accept', } - iptables {"udp32769": - proto => "udp", - dport => "32769", - jump => "ACCEPT", + firewall {'32769 udp': + proto => 'udp', + dport => '32769', + action => 'accept', } - iptables {"tcp892": - proto => "tcp", - dport => "892", - jump => "ACCEPT", + firewall {'892 tcp': + proto => 'tcp', + dport => '892', + action => 'accept', } - iptables {"udp892": - proto => "udp", - dport => "892", - jump => "ACCEPT", + firewall {'892 udp': + proto => 'udp', + dport => '892', + action => 'accept', } - iptables {"tcp875": - proto => "tcp", - dport => "875", - jump => "ACCEPT", + firewall {'875 tcp': + proto => 'tcp', + dport => '875', + action => 'accept', } - iptables {"udp875": - proto => "udp", - dport => "875", - jump => "ACCEPT", + firewall {'875 udp': + proto => 'udp', + dport => '875', + action => 'accept';, } - iptables {"tcp662": - proto => "tcp", - dport => "662", - jump => "ACCEPT", + firewall {'662 tcp': + proto => 'tcp', + dport => '662', + action => 'accept', } - iptables {"udp662": - proto => "udp", - dport => "662", - jump => "ACCEPT", + firewall {'662 udp': + proto => 'udp', + dport => '662', + action => 'accept', } } From 74a70eecd0449ea99806a75dea23cb5352caa7b1 Mon Sep 17 00:00:00 2001 From: Kris Buytaert Date: Fri, 5 Jul 2013 12:36:26 +0200 Subject: [PATCH 28/49] Typo upon saving after testing :(( --- manifests/nfs-common.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/nfs-common.pp b/manifests/nfs-common.pp index d8b901a..0087722 100644 --- a/manifests/nfs-common.pp +++ b/manifests/nfs-common.pp @@ -91,7 +91,7 @@ firewall {'875 udp': proto => 'udp', dport => '875', - action => 'accept';, + action => 'accept', } firewall {'662 tcp': From 5e704ec0af0796b30562352a7af08267111d622b Mon Sep 17 00:00:00 2001 From: Kris Buytaert Date: Wed, 6 Nov 2013 19:58:46 +0100 Subject: [PATCH 29/49] Fresher versions etc --- manifests/kvmagent.pp | 44 +++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/manifests/kvmagent.pp b/manifests/kvmagent.pp index 20cfdf3..21482bc 100644 --- a/manifests/kvmagent.pp +++ b/manifests/kvmagent.pp @@ -16,58 +16,58 @@ class cloudstack::kvmagent { include cloudstack - package { 'cloud-agent': + package { 'cloudstack-agent': ensure => present, require => Yumrepo[ 'cloudstack' ], } - package { 'NetworkManager': + package { 'NetworkManager': ensure => absent; } - service { 'network': + service { 'network': ensure => running, - enabled => true, hasstatus => true, - requires => Package[ 'cloud-agent' ], + require => Package[ 'cloudstack-agent' ], } - exec { '/usr/bin/cloud-setup-agent': - creates => '/var/log/cloud/setupAgent.log', - require => [ - Package[ 'cloud-agent' ], - File[ '/etc/cloud/agent/agent.properties' ], - File_line[ 'cs_sudo_rule' ], - Host[ 'localhost' ], - ], - } + # Needs params + #exec { '/usr/bin/cloudstack-setup-agent': + # creates => '/var/log/cloud/setupAgent.log', + # require => [ + # Package[ 'cloudstack-agent' ], + # File[ '/etc/cloudstack/agent/agent.properties' ], + # File_line[ 'cs_sudo_rule' ], + # Host[ 'localhost' ], + # ], + #} - file { '/etc/cloud/agent/agent.properties': + file { '/etc/cloudstack/agent/agent.properties': ensure => present, - require => Package[ 'cloud-agent' ], + require => Package[ 'cloudstack-agent' ], content => template( 'cloudstack/agent.properties' ), } ################## Firewall stuff ######################### # - firewall { "first range": + firewall { "001 first range ": proto => 'tcp', dport => '49152-49216', - jump => 'ACCEPT', + action => 'accept', } - firewall { " 191 VNC rules": + firewall { "191 VNC rules": proto => 'tcp', dport => '5900-6100', - jump => 'ACCEPT', + action => 'accept', } - firewall { " 192 port 16509": + firewall { "192 port 16509": proto => 'tcp', dport => '16509', - jump => 'accept', + action => 'accept', } From 8886be9e6ae7cab02ede3732118a39919dd5cb4f Mon Sep 17 00:00:00 2001 From: David Nalley Date: Thu, 21 Nov 2013 10:48:59 -0500 Subject: [PATCH 30/49] Fixing this so it uses 4.2 --- manifests/init.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index b11c272..c86e43c 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -29,7 +29,8 @@ yumrepo{ 'cloudstack': - baseurl => 'http://cloudstack.apt-get.eu/rhel/4.1/', + baseurl => 'http://cloudstack.apt-get.eu/rhel/4.2/' + # baseurl => 'http://cloudstack.apt-get.eu/rhel/4.1/', # baseurl => 'http://cloudstack.apt-get.eu/rhel/4.0/', enabled => 1, gpgcheck => 0, From 8b03cefd2b76e70d2575beb764295518c3f3df64 Mon Sep 17 00:00:00 2001 From: David Nalley Date: Fri, 22 Nov 2013 04:35:11 -0500 Subject: [PATCH 31/49] Update readme --- README.markdown | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/README.markdown b/README.markdown index 1d00935..603e7c7 100644 --- a/README.markdown +++ b/README.markdown @@ -1,15 +1,5 @@ * cloudstack-puppet This is the CloudStack puppet manifest. -The original location for this is: -https://github.com/cloudstack/cloudstack-puppet - Original content herein licensed under the Apache 2.0 license. -For problems or help, please send messages on: -https://lists.sourceforge.net/lists/listinfo/cloudstack-devel - -This is still not yet ready for primetime. - - - From a0be7fb376dbfad6dc0bed7c9494bbbccb00d41a Mon Sep 17 00:00:00 2001 From: Jan Collijs Date: Fri, 14 Feb 2014 13:27:33 +0100 Subject: [PATCH 32/49] Initial commit --- README.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..e12e9c9 --- /dev/null +++ b/README.md @@ -0,0 +1,2 @@ +pm_cloudstack +============= From f5d5da72f7784899381575d81b6e1f4a525f2682 Mon Sep 17 00:00:00 2001 From: Jan Collijs Date: Fri, 14 Feb 2014 13:43:27 +0100 Subject: [PATCH 33/49] Refactored classes for puppet-lint compliance --- .puppet-lint.rc | 1 + manifests/cluster.pp | 22 +++++++++-------- manifests/init.pp | 23 +++++++++-------- manifests/kvmagent.pp | 55 +++++++++++++++++++++-------------------- manifests/mgmt.pp | 9 +++---- manifests/nfs-common.pp | 12 +++++---- manifests/params.pp | 23 ++++++++--------- manifests/pod.pp | 13 +++++----- manifests/zone.pp | 24 +++++++++--------- 9 files changed, 92 insertions(+), 90 deletions(-) create mode 100644 .puppet-lint.rc diff --git a/.puppet-lint.rc b/.puppet-lint.rc new file mode 100644 index 0000000..b0d12b7 --- /dev/null +++ b/.puppet-lint.rc @@ -0,0 +1 @@ +--no-80chars-check diff --git a/manifests/cluster.pp b/manifests/cluster.pp index a1e7b4c..a75f4e2 100644 --- a/manifests/cluster.pp +++ b/manifests/cluster.pp @@ -5,7 +5,7 @@ # Parameters: # zone_dns - The external DNS server # zone_internal_dns - Internal DNS server -# networktype - Network type to use for zone. Valid options are +# networktype - Network type to use for zone. Valid options are # # Actions: # @@ -17,11 +17,11 @@ # zone_dns => 'myinternaldns', # } # -define cloudstack::cluster( +define cloudstack::cluster( + $zoneid, + $podid, $clustertype = 'CloudManaged', $hypervisor = $hvtype, - $zoneid, - $podid ) { #### NEED TO VERIFY THAT ZONEID AND PODID ARE VALID! $teststring_zone = inline_template( "<%= \"http://localhost:\" + @@ -36,13 +36,15 @@ $reststring = inline_template( "<%= \"http://localhost:\" + \"${cloudstack::params::mgmt_port}/?command=addCluster&\" + \"clustername=${name}&clustertype=${clustertype}&\" + - \"hypervisor=${hypervisor}&zoneid=${zoneid$}&\" + + \"hypervisor=${hypervisor}&zoneid=${zoneid}&\" + \"podid=${podid}\" %>" ) exec { "/usr/bin/curl \'${reststring}\'": - onlyif => [ "/usr/bin/curl \'${teststring_zone}\' | grep ${zoneid}", - "/usr/bin/curl \'${teststring_pod}\' | grep ${podid}", - "/usr/bin/curl \'${teststring_cluster}\' | grep -v ${cluster}" ] + onlyif => [ + "/usr/bin/curl \'${teststring_zone}\' | grep ${zoneid}", + "/usr/bin/curl \'${teststring_pod}\' | grep ${podid}", + "/usr/bin/curl \'${teststring_cluster}\' | grep -v ${cluster}" + ], require => Exec[ 'cloud_setup_databases' ], - } -} \ No newline at end of file + } +} diff --git a/manifests/init.pp b/manifests/init.pp index c86e43c..639a18b 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -22,18 +22,18 @@ include cloudstack::params - resources { 'host': - name => "host", - purge => true, - } + resources { 'host': + name => 'host', + purge => true, + } yumrepo{ 'cloudstack': - baseurl => 'http://cloudstack.apt-get.eu/rhel/4.2/' + baseurl => 'http://cloudstack.apt-get.eu/rhel/4.2/', # baseurl => 'http://cloudstack.apt-get.eu/rhel/4.1/', # baseurl => 'http://cloudstack.apt-get.eu/rhel/4.0/', - enabled => 1, - gpgcheck => 0, + enabled => '1', + gpgcheck => '0', } file_line { 'cs_sudo_rule': @@ -64,17 +64,16 @@ # firewall { '001 allow icmp': - proto => 'icmp', + proto => 'icmp', action => 'accept', } firewall { '002 allow all to lo interface': iniface => 'lo', - action => 'accept', + action => 'accept', } firewall { '003 allow ssh': - dport => '22', - proto => 'tcp', + dport => '22', + proto => 'tcp', } - } diff --git a/manifests/kvmagent.pp b/manifests/kvmagent.pp index 21482bc..e87aabd 100644 --- a/manifests/kvmagent.pp +++ b/manifests/kvmagent.pp @@ -14,11 +14,11 @@ # Sample Usage: # class cloudstack::kvmagent { - include cloudstack + include cloudstack - package { 'cloudstack-agent': - ensure => present, - require => Yumrepo[ 'cloudstack' ], + package { 'cloudstack-agent': + ensure => present, + require => Yumrepo[ 'cloudstack' ], } package { 'NetworkManager': @@ -26,15 +26,15 @@ } service { 'network': - ensure => running, + ensure => running, hasstatus => true, - require => Package[ 'cloudstack-agent' ], - } + require => Package[ 'cloudstack-agent' ], + } - # Needs params + # Needs params #exec { '/usr/bin/cloudstack-setup-agent': # creates => '/var/log/cloud/setupAgent.log', - # require => [ + # require => [ # Package[ 'cloudstack-agent' ], # File[ '/etc/cloudstack/agent/agent.properties' ], # File_line[ 'cs_sudo_rule' ], @@ -43,7 +43,7 @@ #} - file { '/etc/cloudstack/agent/agent.properties': + file { '/etc/cloudstack/agent/agent.properties': ensure => present, require => Package[ 'cloudstack-agent' ], content => template( 'cloudstack/agent.properties' ), @@ -52,33 +52,34 @@ ################## Firewall stuff ######################### # - firewall { "001 first range ": - proto => 'tcp', - dport => '49152-49216', + firewall { '001 first range ': + proto => 'tcp', + dport => '49152-49216', action => 'accept', } - firewall { "191 VNC rules": - proto => 'tcp', - dport => '5900-6100', + firewall { '191 VNC rules': + proto => 'tcp', + dport => '5900-6100', action => 'accept', - } + } - firewall { "192 port 16509": - proto => 'tcp', - dport => '16509', + firewall { '192 port 16509': + proto => 'tcp', + dport => '16509', action => 'accept', } - - -############ Need to do something that will take care of KVM - make sure module is loaded - need to define what tests cloud-setup-agent actually runs to test for KVM and ensure that we do those tests as well, and rectify if needed (do a reboot?? ) -### Need to handle hostname addition as well - and probably a def gw and ensuring that DNS is set since +# Need to do something that will take care of KVM - make sure module is loaded +# - need to define what tests cloud-setup-agent actually runs to test for KVM +# and ensure that we do those tests as well, and rectify if needed (reboot?? ) +# Need to handle hostname addition as well +#- and probably a def gw and ensuring that DNS is set since ### Require network to be enable -### Require NetworkManager be disabled (Is it installed by default, do we need to do a case?, perhaps we 'ensure absent') -### Make sure we cycle network after deploying a ifcfg. -### Do we handle creation of cloud-br0? I am thinking not, seems like there's a lot of magic there. For now, lets stay away from that. +### Require NetworkManager be disabled (Is it installed by default, do we need to do a case?, perhaps we 'ensure absent') +### Make sure we cycle network after deploying a ifcfg. +### Do we handle creation of cloud-br0? I am thinking not, seems like there's a lot of magic there. For now, lets stay away from that. } diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index 02e07dc..af34885 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -19,7 +19,8 @@ # class cloudstack::mgmt { include cloudstack -# include mysql::server ### We really want to specify this - but in the absence of this +# include mysql::server # +## We really want to specify this - but in the absence of this ########### MYSQL section ######### package { 'mysql-server': @@ -37,7 +38,7 @@ $dbstring = inline_template( "<%= \"/usr/bin/cloudstack-setup-databases \" + \"cloud:dbpassword@localhost --deploy-as=root\" %>" ) -########### If you are using a separate database or different passwords, change it above +# If you are using a separate database or different passwords, change it above package { 'cloudstack-management': @@ -119,7 +120,7 @@ action => 'accept', } - firewall { '9090 unk port': ############# find out what this does in cloudstack + firewall { '9090 unk port': ######## find out what this does in cloudstack proto => 'tcp', dport => '9090', action => 'accept', @@ -143,5 +144,3 @@ # 'curl 'http://localhost:8096/?command=listStoragePools' | grep -v PStorage', # ] # } - - diff --git a/manifests/nfs-common.pp b/manifests/nfs-common.pp index 0087722..4884a08 100644 --- a/manifests/nfs-common.pp +++ b/manifests/nfs-common.pp @@ -1,8 +1,10 @@ - class cloudstack::nfs-common { - # this subclass provides NFS for primary and secondary storage - # on a single machine. this is not production quality - but useful - # for a POC/demo/dev/test environment. - #you will either want to significantly alter or use your own nfs class +# Class: cloudstack::nfs-common +# +# this subclass provides NFS for primary and secondary storage +# on a single machine. this is not production quality - but useful +# for a POC/demo/dev/test environment. +# you will either want to significantly alter or use your own nfs class +class cloudstack::nfs-common { include cloudstack diff --git a/manifests/params.pp b/manifests/params.pp index f99fcfe..7b1eee3 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -2,18 +2,15 @@ # # class cloudstack::params { - $mgmt_port = '8096' - $cs_mgmt_server = "192.168.203.177" - $cs_agent_netmask = "255.255.255.0" - $cs_sec_storage_nfs_server = "192.168.203.176" - $cs_sec_storage_mnt_point = "/secondary" - $pri_storage_nfs_server = "192.168.203.176" - $pri_storage_mnt_point = "/primary" - $hvtype = "KVM" - $system_tmplt_dl_cmd = "/usr/lib64/cloud/agent/scripts/storage/secondary/cloud-install-sys-tmplt" - $sysvm_url_kvm = "http://download.cloud.com/releases/2.2.0/systemvm.qcow2.bz2" - $sysvm_url_xen = "http://download.cloud.com/releases/2.2.0/systemvm.vhd.bz2" - - + $cs_mgmt_server = '192.168.203.177' + $cs_agent_netmask = '255.255.255.0' + $cs_sec_storage_nfs_server = '192.168.203.176' + $cs_sec_storage_mnt_point = '/secondary' + $pri_storage_nfs_server = '192.168.203.176' + $pri_storage_mnt_point = '/primary' + $hvtype = 'KVM' + $system_tmplt_dl_cmd = '/usr/lib64/cloud/agent/scripts/storage/secondary/cloud-install-sys-tmplt' + $sysvm_url_kvm = 'http://download.cloud.com/releases/2.2.0/systemvm.qcow2.bz2' + $sysvm_url_xen = 'http://download.cloud.com/releases/2.2.0/systemvm.vhd.bz2' } # Class:: cloudstack::params diff --git a/manifests/pod.pp b/manifests/pod.pp index 9ac84ef..af7f198 100644 --- a/manifests/pod.pp +++ b/manifests/pod.pp @@ -5,7 +5,7 @@ # Parameters: # zone_dns - The external DNS server # zone_internal_dns - Internal DNS server -# networktype - Network type to use for zone. Valid options are +# networktype - Network type to use for zone. Valid options are # # Actions: # @@ -17,7 +17,7 @@ # zone_dns => 'myinternaldns', # } # -define cloudstack::pod( +define cloudstack::pod( $gateway, $netmask, $startip, @@ -36,9 +36,10 @@ \"startip=${startip}&endip=${endip}&zoneid=${zoneid}\" %>" ) exec { "/usr/bin/curl \'${reststring}\'": - unless => [ + unless => [ "/usr/bin/curl \'${teststring_zone}\' | grep ${zoneid}", - "/usr/bin/curl \'${teststring_pod}\' | grep -v ${pod}", ], + "/usr/bin/curl \'${teststring_pod}\' | grep -v ${pod}", + ], require => Exec[ 'cloud_setup_databases' ], - } -} \ No newline at end of file + } +} diff --git a/manifests/zone.pp b/manifests/zone.pp index 80091e4..f46a3b2 100644 --- a/manifests/zone.pp +++ b/manifests/zone.pp @@ -5,7 +5,7 @@ # Parameters: # zone_dns - The external DNS server # zone_internal_dns - Internal DNS server -# networktype - Network type to use for zone. Valid options are +# networktype - Network type to use for zone. Valid options are # # Actions: # @@ -17,21 +17,21 @@ # zone_dns => 'myinternaldns', # } # -define cloudstack::zone( - $zone_dns='8.8.8.8', - $zone_internal_dns='8.8.8.8', - networktype='Basic' +define cloudstack::zone( + $zone_dns='8.8.8.8', + $zone_internal_dns='8.8.8.8', + $networktype='Basic' ) { - $teststring = inline_template( "<%= \"http://localhost:\" + - \"${cloudstack::params::mgmt_port}/?command=listZones&\" + - \"available=true\" %>" ) + $teststring = inline_template( "<%= \"http://localhost:\" + + \"${cloudstack::params::mgmt_port}/?command=listZones&\" + + \"available=true\" %>" ) $reststring = inline_template( "<%= \"http://localhost:\" + - \"${cloudstack::params::mgmt_port}/?command=createZone&dns1\" + - \"=${zone_internal_dns}&internaldns1=${zone_internal_dns}\" + - \"&name=${name}&networktype=${networktype}\" %>" ) + \"${cloudstack::params::mgmt_port}/?command=createZone&dns1\" + + \"=${zone_internal_dns}&internaldns1=${zone_internal_dns}\" + + \"&name=${name}&networktype=${networktype}\" %>" ) exec { "/usr/bin/curl \'${reststring}\'": onlyif => "/usr/bin/curl \'${teststring}\' | grep -v ${name}", require => Exec[ 'cloud_setup_databases' ], - } + } } From e8e1f48c8b4b73c25612afe767f481df866989ad Mon Sep 17 00:00:00 2001 From: Jan Collijs Date: Fri, 14 Feb 2014 13:54:45 +0100 Subject: [PATCH 34/49] Removed intial commit --- README.md | 2 -- 1 file changed, 2 deletions(-) delete mode 100644 README.md diff --git a/README.md b/README.md deleted file mode 100644 index e12e9c9..0000000 --- a/README.md +++ /dev/null @@ -1,2 +0,0 @@ -pm_cloudstack -============= From 9598db660f818deaf294c01410d5a3341ad2487c Mon Sep 17 00:00:00 2001 From: Tom Ritserveldt Date: Tue, 4 Aug 2015 11:27:26 +0200 Subject: [PATCH 35/49] changed the system VM templates links to v4.5 --- manifests/params.pp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index 7b1eee3..6e439dc 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -5,12 +5,12 @@ $mgmt_port = '8096' $cs_mgmt_server = '192.168.203.177' $cs_agent_netmask = '255.255.255.0' - $cs_sec_storage_nfs_server = '192.168.203.176' + $cs_sec_storage_nfs_server = '192.168.203.177' $cs_sec_storage_mnt_point = '/secondary' - $pri_storage_nfs_server = '192.168.203.176' + $pri_storage_nfs_server = '192.168.203.177' $pri_storage_mnt_point = '/primary' $hvtype = 'KVM' $system_tmplt_dl_cmd = '/usr/lib64/cloud/agent/scripts/storage/secondary/cloud-install-sys-tmplt' - $sysvm_url_kvm = 'http://download.cloud.com/releases/2.2.0/systemvm.qcow2.bz2' - $sysvm_url_xen = 'http://download.cloud.com/releases/2.2.0/systemvm.vhd.bz2' + $sysvm_url_kvm = 'http://cloudstack.apt-get.eu/systemvm/4.5/systemvm64template-4.5-kvm.qcow2.bz2' + $sysvm_url_xen = 'http://cloudstack.apt-get.eu/systemvm/4.5/systemvm64template-4.5-xen.vhd.bz2' } # Class:: cloudstack::params From a8dfd5ad8c3216b05c1f84b2772f3429e0c20d25 Mon Sep 17 00:00:00 2001 From: Tom Ritserveldt Date: Tue, 4 Aug 2015 11:46:53 +0200 Subject: [PATCH 36/49] added inherits from params.pp for class cloudstack --- manifests/init.pp | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 639a18b..4fd701d 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -18,8 +18,22 @@ # Sample Usage: # This class should not be included directly. It is called from other modules. # -class cloudstack { - include cloudstack::params +class cloudstack ( + + $mgmt_port = $cloudstack::params::mgmt_port, + $cs_mgmt_server = $cloudstack::params::cs_mgmt_server, + $cs_agent_netmask = $cloudstack::params::cs_agent_netmask, + $cs_sec_storage_nfs_server = $cloudstack::params::cs_sec_storage_nfs_server, + $cs_sec_storage_mnt_point = $cloudstack::params::cs_sec_storage_mnt_point, + $pri_storage_nfs_server = $cloudstack::params::pri_storage_nfs_server, + $pri_storage_mnt_point = $cloudstack::params::pri_storage_mnt_point, + $hvtype = $cloudstack::params::hvtype, + $system_tmplt_dl_cmd = $cloudstack::params::system_tmplt_dl_cmd, + $sysvm_url_kvm = $cloudstack::params::sysvm_url_kvm, + $sysvm_url_xen = $cloudstack::params::sysvm_url_xen, + + +) inherits cloudstack::params { resources { 'host': From 5e2c175951bc1df3a0f411401a1a2ad78fcf7111 Mon Sep 17 00:00:00 2001 From: Tom Ritserveldt Date: Tue, 4 Aug 2015 11:48:24 +0200 Subject: [PATCH 37/49] updated yumrepo for cloudstack v4.5 --- manifests/init.pp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index 4fd701d..c6e3b0d 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -43,9 +43,9 @@ yumrepo{ 'cloudstack': - baseurl => 'http://cloudstack.apt-get.eu/rhel/4.2/', - # baseurl => 'http://cloudstack.apt-get.eu/rhel/4.1/', - # baseurl => 'http://cloudstack.apt-get.eu/rhel/4.0/', + descr => 'Cloudstack repo 4.5', + baseurl => 'http://cloudstack.apt-get.eu/rhel/4.5/', + # baseurl => 'http://cloudstack.apt-get.eu/rhel/4.4/', enabled => '1', gpgcheck => '0', } From 9ae2e6f62e81a9038e18cb813cd1ee3fe201e24a Mon Sep 17 00:00:00 2001 From: Tom Ritserveldt Date: Tue, 4 Aug 2015 11:50:32 +0200 Subject: [PATCH 38/49] fixed the sudoers entries to include the requiretty(otherwise errors will occur during cloudstack UI deployment) --- manifests/init.pp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/manifests/init.pp b/manifests/init.pp index c6e3b0d..4faf7c5 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -54,6 +54,10 @@ path => '/etc/sudoers', line => 'cloud ALL = NOPASSWD : ALL', } + file_line { 'cloud tty': + path => '/etc/sudoers', + line => 'Defaults:cloud !requiretty', + } host { 'localhost': ensure => present, From 12dc8a57272e26263717d65b201d66d8febd6810 Mon Sep 17 00:00:00 2001 From: Tom Ritserveldt Date: Tue, 4 Aug 2015 11:55:09 +0200 Subject: [PATCH 39/49] clean up --- manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index 4faf7c5..d1a7c2b 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -18,7 +18,7 @@ # Sample Usage: # This class should not be included directly. It is called from other modules. # -class cloudstack ( +class cloudstack( $mgmt_port = $cloudstack::params::mgmt_port, $cs_mgmt_server = $cloudstack::params::cs_mgmt_server, From eeb115ef97363a301c2860f82ed84e58fb16b1e2 Mon Sep 17 00:00:00 2001 From: Tom Ritserveldt Date: Tue, 4 Aug 2015 11:56:55 +0200 Subject: [PATCH 40/49] removed cloudstack include --- manifests/kvmagent.pp | 1 - 1 file changed, 1 deletion(-) diff --git a/manifests/kvmagent.pp b/manifests/kvmagent.pp index e87aabd..7b62d0d 100644 --- a/manifests/kvmagent.pp +++ b/manifests/kvmagent.pp @@ -14,7 +14,6 @@ # Sample Usage: # class cloudstack::kvmagent { - include cloudstack package { 'cloudstack-agent': ensure => present, From c3996c529eae9fae2cabc8a598511094b84beb73 Mon Sep 17 00:00:00 2001 From: Tom Ritserveldt Date: Tue, 4 Aug 2015 11:58:59 +0200 Subject: [PATCH 41/49] removed cloudstack include --- manifests/mgmt.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index af34885..d77f0bf 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -18,7 +18,7 @@ # This class should not be included directly. It is called from other modules. # class cloudstack::mgmt { - include cloudstack + # include mysql::server # ## We really want to specify this - but in the absence of this From ffa3ec9d4f21a28a7eaa5e262a91bea49442d21a Mon Sep 17 00:00:00 2001 From: Tom Ritserveldt Date: Tue, 4 Aug 2015 12:01:00 +0200 Subject: [PATCH 42/49] added require to cloudstack-management to ensure the tomcat6.conf is present --- manifests/mgmt.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index d77f0bf..86317d5 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -46,11 +46,11 @@ require => Yumrepo[ 'cloudstack' ], } - service { 'cloudstack-management': + service { 'cloudstack-management': ensure => running, enable => true, hasstatus => true, - require => [Package[ 'cloudstack-management' ], Service[ 'mysqld' ] ], + require => [Package[ 'cloudstack-management' ], Service[ 'mysqld' ], File[ '/etc/cloudstack/management/tomcat6.conf' ] ], } exec { '/usr/bin/cloudstack-setup-management': From 81c5057ba39602be1b78ed80cbe703765bfca0bf Mon Sep 17 00:00:00 2001 From: Tom Ritserveldt Date: Tue, 4 Aug 2015 12:02:41 +0200 Subject: [PATCH 43/49] cloudstack_setup_databases requires the cloudstack-management package --- manifests/mgmt.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index 86317d5..2556dae 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -62,7 +62,7 @@ exec { 'cloudstack_setup_databases': command => $dbstring, creates => '/var/lib/mysql/cloud', - require => Service[ 'mysqld' ], + require => [Package[ 'cloudstack-management' ], Service[ 'mysqld' ] ], } From 9733d7b58dfb294eb936c44e7f51692a96d9998f Mon Sep 17 00:00:00 2001 From: Tom Ritserveldt Date: Tue, 4 Aug 2015 12:03:46 +0200 Subject: [PATCH 44/49] files require the cloudstack management package to be installed. --- manifests/mgmt.pp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index 2556dae..4d1b814 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -77,6 +77,7 @@ mode => '0777', owner => '0', target => 'tomcat6-nonssl.conf', + require => Package[ 'cloudstack-management' ], } file { '/usr/share/cloudstack-management/conf/server.xml': @@ -85,6 +86,7 @@ mode => '0777', owner => '0', target => 'server-nonssl.xml', + require => Package[ 'cloudstack-management' ], } From 39ffaf2722baa2243843ecc6463d791c0bfb308e Mon Sep 17 00:00:00 2001 From: Tom Ritserveldt Date: Tue, 4 Aug 2015 12:06:14 +0200 Subject: [PATCH 45/49] clean up text formatting. --- manifests/mgmt.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index 4d1b814..44258c7 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -46,7 +46,7 @@ require => Yumrepo[ 'cloudstack' ], } - service { 'cloudstack-management': + service { 'cloudstack-management': ensure => running, enable => true, hasstatus => true, From ce9e2e5ec9086b9af52970c9009f0af28fcb4aa0 Mon Sep 17 00:00:00 2001 From: Tom Ritserveldt Date: Tue, 4 Aug 2015 12:07:25 +0200 Subject: [PATCH 46/49] removed cloudstack include --- manifests/nfs-common.pp | 1 - 1 file changed, 1 deletion(-) diff --git a/manifests/nfs-common.pp b/manifests/nfs-common.pp index 4884a08..9bda9cc 100644 --- a/manifests/nfs-common.pp +++ b/manifests/nfs-common.pp @@ -6,7 +6,6 @@ # you will either want to significantly alter or use your own nfs class class cloudstack::nfs-common { - include cloudstack package {'nfs-utils': ensure => present From ea962c6348cf85916a347f272ffa0634d767538e Mon Sep 17 00:00:00 2001 From: Tom Ritserveldt Date: Tue, 4 Aug 2015 12:11:01 +0200 Subject: [PATCH 47/49] gitignore --- .gitignore | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..26ddfd5 --- /dev/null +++ b/.gitignore @@ -0,0 +1,10 @@ +.vagrant +puppet.conf* +auth.conf* +fileserver.conf* +*.swp +*.swo +tests +environments +.idea +*~ From 179ad1cbc364268b5b93630420689d948600ab39 Mon Sep 17 00:00:00 2001 From: Tom Ritserveldt Date: Tue, 4 Aug 2015 12:23:10 +0200 Subject: [PATCH 48/49] require the file server.xml or cloudstack-management will fail to start --- manifests/mgmt.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index 44258c7..2c6c763 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -50,7 +50,7 @@ ensure => running, enable => true, hasstatus => true, - require => [Package[ 'cloudstack-management' ], Service[ 'mysqld' ], File[ '/etc/cloudstack/management/tomcat6.conf' ] ], + require => [Package[ 'cloudstack-management' ], Service[ 'mysqld' ], File[ '/etc/cloudstack/management/tomcat6.conf' ], File[ '/usr/share/cloudstack-management/conf/server.xml' ] ], } exec { '/usr/bin/cloudstack-setup-management': From 9a247700d8b5897a5ecbf598eca78627e217d26b Mon Sep 17 00:00:00 2001 From: Martin Alfke Date: Wed, 12 Aug 2015 09:50:26 +0200 Subject: [PATCH 49/49] rspec tests - lint cleanups --- .fixtures.yml | 8 ++++++ .gitignore | 4 +++ .travis.yml | 30 ++++++++++++++++++++++ Gemfile | 7 +++++ Rakefile | 5 ++++ manifests/cluster.pp | 2 +- manifests/init.pp | 3 +-- manifests/mgmt.pp | 20 +++++++-------- manifests/{nfs-common.pp => nfs_common.pp} | 4 +-- manifests/pod.pp | 2 +- manifests/zone.pp | 2 +- spec/classes/init_spec.rb | 15 +++++++++++ spec/classes/kvmagent_spec.rb | 16 ++++++++++++ spec/classes/mgmt_spec.rb | 16 ++++++++++++ spec/classes/nfs_common_spec.rb | 15 +++++++++++ spec/defines/cluster_spec.rb | 18 +++++++++++++ spec/defines/pod_spec.rb | 21 +++++++++++++++ spec/defines/zone_spec.rb | 14 ++++++++++ spec/spec_helper.rb | 1 + 19 files changed, 186 insertions(+), 17 deletions(-) create mode 100644 .fixtures.yml create mode 100644 .travis.yml create mode 100644 Gemfile create mode 100644 Rakefile rename manifests/{nfs-common.pp => nfs_common.pp} (96%) create mode 100644 spec/classes/init_spec.rb create mode 100644 spec/classes/kvmagent_spec.rb create mode 100644 spec/classes/mgmt_spec.rb create mode 100644 spec/classes/nfs_common_spec.rb create mode 100644 spec/defines/cluster_spec.rb create mode 100644 spec/defines/pod_spec.rb create mode 100644 spec/defines/zone_spec.rb create mode 100644 spec/spec_helper.rb diff --git a/.fixtures.yml b/.fixtures.yml new file mode 100644 index 0000000..dc69f75 --- /dev/null +++ b/.fixtures.yml @@ -0,0 +1,8 @@ +fixtures: + repositories: + "stdlib": "git://github.com/puppetlabs/puppetlabs-stdlib.git" + "firewall": "git://github.com/puppetlabs/puppetlabs-firewall.git" + "mysql": "git://github.com/rochaporto/puppet-mysql.git" + symlinks: + "cloudstack": "#{source_dir}" + diff --git a/.gitignore b/.gitignore index 26ddfd5..8e898bd 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,7 @@ tests environments .idea *~ +Gemfile.lock +.bundle +vendor +spec/fixtures diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..6d27ea1 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,30 @@ +language: ruby +rvm: + - 1.8.7 + - 1.9.3 + - 2.1.4 +script: + - "bundle exec rake spec SPEC_OPTS='--format documentation'" +env: + - PUPPET_VERSION="~> 2.6.0" + - PUPPET_VERSION="~> 2.7.0" + - PUPPET_VERSION="~> 3.0.0" + - PUPPET_VERSION="~> 3.1.0" + - PUPPET_VERSION="~> 3.8.0" + - PUPPET_VERSION="~> 4.2" +matrix: + exclude: + - rvm: 1.8.7 + env: PUPPET_VERSION="~> 4.2" + - rvm: 1.9.3 + env: PUPPET_VERSION="~> 2.6.0" + - rvm: 2.1.4 + env: PUPPET_VERSION="~> 2.6.0" + - rvm: 2.1.4 + env: PUPPET_VERSION="~> 2.7.0" + - rvm: 2.1.4 + env: PUPPET_VERSION="~> 3.0.0" + - rvm: 2.1.4 + env: PUPPET_VERSION="~> 3.1.0" + +sudo: false diff --git a/Gemfile b/Gemfile new file mode 100644 index 0000000..5e01bf6 --- /dev/null +++ b/Gemfile @@ -0,0 +1,7 @@ +source 'https://rubygems.org' + +puppetversion = ENV['PUPPET_VERSION'] +gem 'puppet', puppetversion, :require => false +gem 'puppet-lint' +gem 'rspec', '~> 3.1.0', :platforms => :ruby_18 +gem 'puppetlabs_spec_helper', '>= 0.1.0' diff --git a/Rakefile b/Rakefile new file mode 100644 index 0000000..1a8a8a0 --- /dev/null +++ b/Rakefile @@ -0,0 +1,5 @@ +require 'rubygems' +require 'puppetlabs_spec_helper/rake_tasks' +require 'puppet-lint' +PuppetLint.configuration.send("disable_80chars") +PuppetLint.configuration.send('disable_class_parameter_defaults') diff --git a/manifests/cluster.pp b/manifests/cluster.pp index a75f4e2..3364709 100644 --- a/manifests/cluster.pp +++ b/manifests/cluster.pp @@ -45,6 +45,6 @@ "/usr/bin/curl \'${teststring_pod}\' | grep ${podid}", "/usr/bin/curl \'${teststring_cluster}\' | grep -v ${cluster}" ], - require => Exec[ 'cloud_setup_databases' ], + require => Exec[ 'cloudstack_setup_databases' ], } } diff --git a/manifests/init.pp b/manifests/init.pp index d1a7c2b..f52a023 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -43,9 +43,8 @@ yumrepo{ 'cloudstack': - descr => 'Cloudstack repo 4.5', + descr => 'Cloudstack repo 4.5', baseurl => 'http://cloudstack.apt-get.eu/rhel/4.5/', - # baseurl => 'http://cloudstack.apt-get.eu/rhel/4.4/', enabled => '1', gpgcheck => '0', } diff --git a/manifests/mgmt.pp b/manifests/mgmt.pp index 2c6c763..243638c 100644 --- a/manifests/mgmt.pp +++ b/manifests/mgmt.pp @@ -72,20 +72,20 @@ file { '/etc/cloudstack/management/tomcat6.conf': - ensure => 'link', - group => '0', - mode => '0777', - owner => '0', - target => 'tomcat6-nonssl.conf', + ensure => 'link', + group => '0', + mode => '0777', + owner => '0', + target => 'tomcat6-nonssl.conf', require => Package[ 'cloudstack-management' ], } file { '/usr/share/cloudstack-management/conf/server.xml': - ensure => 'link', - group => '0', - mode => '0777', - owner => '0', - target => 'server-nonssl.xml', + ensure => 'link', + group => '0', + mode => '0777', + owner => '0', + target => 'server-nonssl.xml', require => Package[ 'cloudstack-management' ], } diff --git a/manifests/nfs-common.pp b/manifests/nfs_common.pp similarity index 96% rename from manifests/nfs-common.pp rename to manifests/nfs_common.pp index 9bda9cc..a438b11 100644 --- a/manifests/nfs-common.pp +++ b/manifests/nfs_common.pp @@ -1,10 +1,10 @@ -# Class: cloudstack::nfs-common +# Class: cloudstack::nfs_common # # this subclass provides NFS for primary and secondary storage # on a single machine. this is not production quality - but useful # for a POC/demo/dev/test environment. # you will either want to significantly alter or use your own nfs class -class cloudstack::nfs-common { +class cloudstack::nfs_common { package {'nfs-utils': diff --git a/manifests/pod.pp b/manifests/pod.pp index af7f198..d934834 100644 --- a/manifests/pod.pp +++ b/manifests/pod.pp @@ -40,6 +40,6 @@ "/usr/bin/curl \'${teststring_zone}\' | grep ${zoneid}", "/usr/bin/curl \'${teststring_pod}\' | grep -v ${pod}", ], - require => Exec[ 'cloud_setup_databases' ], + require => Exec[ 'cloudstack_setup_databases' ], } } diff --git a/manifests/zone.pp b/manifests/zone.pp index f46a3b2..394e8c5 100644 --- a/manifests/zone.pp +++ b/manifests/zone.pp @@ -32,6 +32,6 @@ exec { "/usr/bin/curl \'${reststring}\'": onlyif => "/usr/bin/curl \'${teststring}\' | grep -v ${name}", - require => Exec[ 'cloud_setup_databases' ], + require => Exec[ 'cloudstack_setup_databases' ], } } diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb new file mode 100644 index 0000000..021e37e --- /dev/null +++ b/spec/classes/init_spec.rb @@ -0,0 +1,15 @@ +require 'spec_helper' + +describe 'cloudstack' do + let(:node) { 'cloudstack.example42.com' } + let(:facts) {{ + :osfamily => 'Debian', + :operatingsystem => 'Ubuntu', + :operatingsystemrelease => '12.10' + }} + + describe 'generic test' do + it { should compile } + it { should contain_class('cloudstack') } + end +end diff --git a/spec/classes/kvmagent_spec.rb b/spec/classes/kvmagent_spec.rb new file mode 100644 index 0000000..6eb0cb4 --- /dev/null +++ b/spec/classes/kvmagent_spec.rb @@ -0,0 +1,16 @@ +require 'spec_helper' + +describe 'cloudstack::kvmagent' do + let(:node) { 'cloudstack.example42.com' } + let(:pre_condition) { 'include cloudstack' } + let(:facts) {{ + :osfamily => 'Debian', + :operatingsystem => 'Ubuntu', + :operatingsystemrelease => '12.10' + }} + + describe 'generic test' do + it { should compile } + it { should contain_class('cloudstack::kvmagent') } + end +end diff --git a/spec/classes/mgmt_spec.rb b/spec/classes/mgmt_spec.rb new file mode 100644 index 0000000..ad2d825 --- /dev/null +++ b/spec/classes/mgmt_spec.rb @@ -0,0 +1,16 @@ +require 'spec_helper' + +describe 'cloudstack::mgmt' do + let(:node) { 'cloudstack.example42.com' } + let(:pre_condition) { 'include cloudstack' } + let(:facts) {{ + :osfamily => 'Debian', + :operatingsystem => 'Ubuntu', + :operatingsystemrelease => '12.10' + }} + + describe 'generic test' do + it { should compile } + it { should contain_class('cloudstack::mgmt') } + end +end diff --git a/spec/classes/nfs_common_spec.rb b/spec/classes/nfs_common_spec.rb new file mode 100644 index 0000000..bfe6d53 --- /dev/null +++ b/spec/classes/nfs_common_spec.rb @@ -0,0 +1,15 @@ +require 'spec_helper' + +describe 'cloudstack::nfs_common' do + let(:node) { 'cloudstack.example42.com' } + let(:facts) {{ + :osfamily => 'Debian', + :operatingsystem => 'Ubuntu', + :operatingsystemrelease => '12.10' + }} + + describe 'generic test' do + it { should compile } + it { should contain_class('cloudstack::nfs_common') } + end +end diff --git a/spec/defines/cluster_spec.rb b/spec/defines/cluster_spec.rb new file mode 100644 index 0000000..0ce665d --- /dev/null +++ b/spec/defines/cluster_spec.rb @@ -0,0 +1,18 @@ +require 'spec_helper' + +describe 'cloudstack::cluster', :type => :define do + let(:title) { 'example42' } + let(:facts) {{ + :osfamily => 'RedHat', + :operatingsystem => 'CentOS' + }} + let(:params) {{ + :zoneid => 'cloudstack', + :podid => 'example42' + }} + let(:pre_condition) {[ + 'include cloudstack', + 'include cloudstack::mgmt', + ]} + it { should compile } +end diff --git a/spec/defines/pod_spec.rb b/spec/defines/pod_spec.rb new file mode 100644 index 0000000..e88c31e --- /dev/null +++ b/spec/defines/pod_spec.rb @@ -0,0 +1,21 @@ +require 'spec_helper' + +describe 'cloudstack::pod', :type => :define do + let(:title) { 'example42' } + let(:facts) {{ + :osfamily => 'RedHat', + :operatingsystem => 'CentOS' + }} + let(:params) {{ + :gateway => '127.0.0.1', + :netmask => '255.255.0.0', + :startip => '10.0.2.0', + :endip => '10.2.0.3', + :zoneid => 'example42' + }} + let(:pre_condition) {[ + 'include cloudstack', + 'include cloudstack::mgmt' + ]} + it { should compile } +end diff --git a/spec/defines/zone_spec.rb b/spec/defines/zone_spec.rb new file mode 100644 index 0000000..fc5f3ba --- /dev/null +++ b/spec/defines/zone_spec.rb @@ -0,0 +1,14 @@ +require 'spec_helper' + +describe 'cloudstack::zone', :type => :define do + let(:title) { 'example42' } + let(:facts) {{ + :osfamily => 'RedHat', + :operatingsystem => 'CentOS' + }} + let(:pre_condition) {[ + 'include cloudstack', + 'include cloudstack::mgmt' + ]} + it { should compile } +end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb new file mode 100644 index 0000000..2c6f566 --- /dev/null +++ b/spec/spec_helper.rb @@ -0,0 +1 @@ +require 'puppetlabs_spec_helper/module_spec_helper'