(morazi's patchset merged/reworked)
aeolus configuration can now be specified in yml config files --- Rakefile | 2 +- bin/aeolus-cleanup | 5 +- bin/aeolus-configure | 3 +- bin/aeolus-node | 9 +++ contrib/aeolus-configure.spec | 14 ++++-- recipes/aeolus_recipe/aeolus_recipe.pp | 70 -------------------------- recipes/aeolus_recipe/aeolus_uninstall.pp | 38 -------------- recipes/aeolus_recipe/manifests/conductor.pp | 41 +++++++++++++++ recipes/aeolus_recipe/manifests/init.pp | 63 +++++++++++++++++++++++ recipes/apache/manifests/init.pp | 6 +- 10 files changed, 132 insertions(+), 119 deletions(-) create mode 100644 bin/aeolus-node delete mode 100644 recipes/aeolus_recipe/aeolus_recipe.pp delete mode 100644 recipes/aeolus_recipe/aeolus_uninstall.pp create mode 100644 recipes/aeolus_recipe/manifests/init.pp
diff --git a/Rakefile b/Rakefile index 1104573..647cf65 100644 --- a/Rakefile +++ b/Rakefile @@ -19,7 +19,7 @@ RPM_SPEC = "contrib/aeolus-configure.spec" rpm_task = Rake::RpmTask.new(RPM_SPEC) do |rpm| rpm.need_tar = true - rpm.package_files.include("bin/*", "recipes/**/*") + rpm.package_files.include("bin/*", "recipes/**/*", "conf/*") rpm.topdir = "#{RPMBUILD_DIR}" end
diff --git a/bin/aeolus-cleanup b/bin/aeolus-cleanup index 87fb405..a45a277 100644 --- a/bin/aeolus-cleanup +++ b/bin/aeolus-cleanup @@ -2,8 +2,9 @@
export FACTER_AEOLUS_ENABLE_HTTPS=true export FACTER_AEOLUS_ENABLE_SECURITY=false -puppet /usr/share/aeolus-configure/aeolus_uninstall.pp \ ++puppet /usr/share/aeolus-configure/modules/aeolus_recipe/manifests/defaults.pp \ --modulepath=/usr/share/aeolus-configure/modules/ \ - --logdest=/var/log/aeolus-configure/aeolus-cleanup.log \ + --external_nodes '/usr/sbin/aeolus-node cleanup' --node_terminus exec \ + --logdest=/var/log/aeolus-configure/aeolus-configure.log \ --logdest=console
diff --git a/bin/aeolus-configure b/bin/aeolus-configure index 6d87cb1..a4fae56 100644 --- a/bin/aeolus-configure +++ b/bin/aeolus-configure @@ -2,8 +2,9 @@
export FACTER_AEOLUS_ENABLE_HTTPS=true export FACTER_AEOLUS_ENABLE_SECURITY=false -puppet /usr/share/aeolus-configure/aeolus_recipe.pp \ +puppet /usr/share/aeolus-configure/modules/aeolus_recipe/manifests/defaults.pp \ --modulepath=/usr/share/aeolus-configure/modules/ \ + --external_nodes '/usr/sbin/aeolus-node configure' --node_terminus exec \ --logdest=/var/log/aeolus-configure/aeolus-configure.log \ --logdest=console
diff --git a/bin/aeolus-node b/bin/aeolus-node new file mode 100644 index 0000000..5b1468a --- /dev/null +++ b/bin/aeolus-node @@ -0,0 +1,9 @@ +#! /bin/sh + +CAT=/bin/cat +NODE_DIR=/etc/aeolus-configure/nodes + +# look for node setting files, or revert to default +[ -f nodes/$2_$1 ] && NODE=$2_$1 || NODE=default_$1 + +$CAT $NODE_DIR/$NODE diff --git a/contrib/aeolus-configure.spec b/contrib/aeolus-configure.spec index 4bfaf6a..f4a9877 100644 --- a/contrib/aeolus-configure.spec +++ b/contrib/aeolus-configure.spec @@ -3,8 +3,8 @@
Summary: Aeolus Configure Puppet Recipe Name: aeolus-configure -Version: 2.0.0 -Release: 11%{?dist}%{?extra_release} +Version: 2.0.1 +Release: 0%{?dist}%{?extra_release}
Group: Applications/Internet License: GPLv2+ @@ -31,8 +31,8 @@ Aeolus Configure Puppet Recipe %install rm -rf %{buildroot} %{__mkdir} -p %{buildroot}/%{dchome}/modules/aeolus_recipe %{buildroot}/%{_sbindir} -%{__cp} -R %{pbuild}/recipes/aeolus_recipe/aeolus_recipe.pp %{buildroot}/%{dchome} -%{__cp} -R %{pbuild}/recipes/aeolus_recipe/aeolus_uninstall.pp %{buildroot}/%{dchome} +%{__mkdir} -p %{buildroot}%{_sysconfdir}/aeolus-configure/nodes +%{__cp} -R %{pbuild}/conf/* %{buildroot}%{_sysconfdir}/aeolus-configure/nodes %{__cp} -R %{pbuild}/recipes/aeolus_recipe/*/ %{buildroot}/%{dchome}/modules/aeolus_recipe %{__cp} -R %{pbuild}/recipes/apache/ %{buildroot}/%{dchome}/modules/apache %{__cp} -R %{pbuild}/recipes/ntp/ %{buildroot}/%{dchome}/modules/ntp @@ -40,6 +40,7 @@ rm -rf %{buildroot} %{__cp} -R %{pbuild}/recipes/postgres/ %{buildroot}/%{dchome}/modules/postgres %{__cp} -R %{pbuild}/bin/aeolus-configure %{buildroot}/%{_sbindir}/ %{__cp} -R %{pbuild}/bin/aeolus-cleanup %{buildroot}/%{_sbindir}/ +%{__cp} -R %{pbuild}/bin/aeolus-node %{buildroot}/%{_sbindir}/\
%clean rm -rf %{buildroot} @@ -48,9 +49,14 @@ rm -rf %{buildroot} %defattr(-,root,root,-) %attr(0755, root, root) %{_sbindir}/aeolus-configure %attr(0755, root, root) %{_sbindir}/aeolus-cleanup +%attr(0755, root, root) %{_sbindir}/aeolus-node +%config(noreplace) %{_sysconfdir}/aeolus-configure/nodes/* %{dchome}
%changelog +* Wed May 18 2011 Mike Orazi morazi@redhat.com 2.0.1-0 +- Move using external nodes so changes to behavior can happen in etc + * Wed May 18 2011 Chris Lalancette clalance@redhat.com - 2.0.0-11 - Bump the release version
diff --git a/recipes/aeolus_recipe/aeolus_recipe.pp b/recipes/aeolus_recipe/aeolus_recipe.pp deleted file mode 100644 index 6ae1827..0000000 --- a/recipes/aeolus_recipe/aeolus_recipe.pp +++ /dev/null @@ -1,70 +0,0 @@ -#-- -# Copyright (C) 2010 Red Hat Inc. -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; either -# version 2.1 of the License, or (at your option) any later version. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -# Author: Mohammed Morsi mmorsi@redhat.com -#-- - -# -# aeolus installation recipe -# - -# Modules used by the recipe -import "aeolus_recipe/aeolus" -import "aeolus_recipe/defaults" - -# include the various aeolus components -include aeolus::conductor -include aeolus::image-factory -include aeolus::iwhd - -aeolus::create_bucket{"aeolus":} - -aeolus::site_admin{"$admin_user": - email => 'dcuser@aeolusproject.org', - password => "$admin_password", - first_name => 'aeolus', - last_name => 'user'} - -aeolus::provider{"mock": - type => 'mock', - port => 3002, - require => Aeolus::Site_admin["admin"] } - -aeolus::provider{"ec2-us-east-1": - type => 'ec2', - endpoint => 'us-east-1', - port => 3003, - require => Aeolus::Site_admin["admin"] } - -aeolus::provider{"ec2-us-west-1": - type => 'ec2', - endpoint => 'us-west-1', - port => 3004, - require => Aeolus::Site_admin["admin"] } - -aeolus::provider{"rhevm": - type => "rhevm", - port => 3005, - require => Aeolus::Site_admin["admin"] } - -aeolus::conductor::hwp{"hwp1": - memory => "1", - cpu => "1", - storage => "1", - architecture => "x86_64", - require => Aeolus::Site_admin["admin"] } - diff --git a/recipes/aeolus_recipe/aeolus_uninstall.pp b/recipes/aeolus_recipe/aeolus_uninstall.pp deleted file mode 100644 index 572960a..0000000 --- a/recipes/aeolus_recipe/aeolus_uninstall.pp +++ /dev/null @@ -1,38 +0,0 @@ -#-- -# Copyright (C) 2010 Red Hat Inc. -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; either -# version 2.1 of the License, or (at your option) any later version. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -# Author: Mohammed Morsi mmorsi@redhat.com -#-- - -# -# aeolus uninstallation recipe -# - -# Modules used by the recipe -import "aeolus_recipe/aeolus" -import "aeolus_recipe/defaults" - -# disable the various aeolus components -include aeolus::conductor::disabled -include aeolus::iwhd::disabled -include aeolus::image-factory::disabled - -aeolus::deltacloud::disabled{"mock": } -aeolus::deltacloud::disabled{"ec2-us-east-1": } -aeolus::deltacloud::disabled{"ec2-us-west-1": } -aeolus::deltacloud::disabled{"rhevm": } - diff --git a/recipes/aeolus_recipe/manifests/conductor.pp b/recipes/aeolus_recipe/manifests/conductor.pp index 10de426..ebe703f 100644 --- a/recipes/aeolus_recipe/manifests/conductor.pp +++ b/recipes/aeolus_recipe/manifests/conductor.pp @@ -160,6 +160,47 @@ class aeolus::conductor inherits aeolus { enable => 'true' } }
+class aeolus::conductor::seed_data { + aeolus::create_bucket{"aeolus":} + + aeolus::site_admin{"$admin_user": + email => 'dcuser@aeolusproject.org', + password => "$admin_password", + first_name => 'aeolus', + last_name => 'user'} + + aeolus::provider{"mock": + type => 'mock', + port => 3002, + require => Aeolus::Site_admin["admin"] } + + aeolus::provider{"ec2-us-east-1": + type => 'ec2', + endpoint => 'us-east-1', + port => 3003, + require => Aeolus::Site_admin["admin"] } + + aeolus::provider{"ec2-us-west-1": + type => 'ec2', + endpoint => 'us-west-1', + port => 3004, + require => Aeolus::Site_admin["admin"] } + + aeolus::conductor::hwp{"hwp1": + memory => "1", + cpu => "1", + storage => "1", + architecture => "x86_64", + require => Aeolus::Site_admin["admin"] } + +} + +class aeolus::conductor::remove_seed_data { + aeolus::deltacloud::disabled{"mock": } + aeolus::deltacloud::disabled{"ec2-us-east-1": } + aeolus::deltacloud::disabled{"ec2-us-west-1": } +} + class aeolus::conductor::disabled { file {"/var/lib/aeolus-conductor": ensure => absent, diff --git a/recipes/aeolus_recipe/manifests/init.pp b/recipes/aeolus_recipe/manifests/init.pp new file mode 100644 index 0000000..e3e601c --- /dev/null +++ b/recipes/aeolus_recipe/manifests/init.pp @@ -0,0 +1,63 @@ +# Aeolus puppet definitions + +import "postgres" +import "apache" +import "rails" +import "selinux" +import "ntp" + +import "conductor" +import "deltacloud" +import "iwhd" +import "image-factory" + +if $aeolus_enable_https == "true" or $aeolus_enable_https == "1" { + import "openssl" + $enable_https = true +} else { + $enable_https = false +} + +if $aeolus_enable_security == "true" or $aeolus_enable_security == "1" { + import "openssl" + $enable_security = true +} else { + $enable_security = false +} + + +# Base aeolus class +class aeolus { + package{'curl': ensure => 'installed'} + + # Setup repos which to pull aeolus components + # TODO: Don't hardcode these repos to RHEL-6 + # The issue is that $releasever resolves to something like 6Server + # so we either need to have a repo per RHEL variant, or we need + # to have smarter logic here + $base_url_release = $operatingsystem ? { 'fedora' => "fedora-$releasever", + 'redhat' => 'rhel-6' } + $pulp_base_url_release = $operatingsystem ? { 'fedora' => "fedora-13", + 'redhat' => 'rhel5' } + + yumrepo{"${name}_arch": + name => "${name}_arch", + descr => "${name}_arch", + baseurl => "http://repos.fedorapeople.org/repos/aeolus/packages/$%7Bbase_url_release%7D/...", + enabled => 0, gpgcheck => 0} + yumrepo{"${name}_noarch": + name => "${name}_noarch", + descr => "${name}_noarch", + baseurl => "http://repos.fedorapeople.org/repos/aeolus/packages/$%7Bbase_url_release%7D/...", + enabled => 0, gpgcheck => 0} + +} + +# Create a new provider in aeolus +define aeolus::provider($type, $port, $endpoint=""){ + aeolus::deltacloud{$name: provider_type => $type, endpoint => $endpoint, port => $port} + aeolus::conductor::provider{$name: + type => $type, + url => "http://localhost:$%7Bport%7D/api", + require => Aeolus::Deltacloud[$name] } +} diff --git a/recipes/apache/manifests/init.pp b/recipes/apache/manifests/init.pp index de703aa..32a0723 100644 --- a/recipes/apache/manifests/init.pp +++ b/recipes/apache/manifests/init.pp @@ -1,6 +1,3 @@ -$apache_dir = "/etc/httpd" -$apache_conf_dir = "${apache_dir}/conf.d" - class apache { # require apache and mod_ssl package { "httpd": ensure => installed } @@ -31,6 +28,9 @@ class apache { }
define apache::site ( $ensure = 'present', $source = '') { + $apache_dir = "/etc/httpd" + $apache_conf_dir = "${apache_dir}/conf.d" + $site_file = "${apache_conf_dir}/${name}.conf" file { $site_file:
--- bin/aeolus-cleanup | 2 +- bin/aeolus-configure | 2 +- contrib/aeolus-configure.spec | 4 +- recipes/aeolus/aeolus_stop_services.pp | 32 ++ recipes/aeolus/files/aggregator-httpd-ssl.conf | 38 ++ recipes/aeolus/files/aggregator-httpd.conf | 26 + recipes/aeolus/files/condor_config.local | 23 + recipes/aeolus/files/pg_hba-ssl.conf | 7 + recipes/aeolus/files/pg_hba.conf | 4 + recipes/aeolus/files/postgresql.conf | 503 ++++++++++++++++++++ recipes/aeolus/files/qpidd.conf | 25 + recipes/aeolus/files/solr.conf | 3 + recipes/aeolus/files/solr.init | 75 +++ .../aeolus/lib/puppet/provider/web_request/curl.rb | 128 +++++ recipes/aeolus/lib/puppet/type/web_request.rb | 49 ++ recipes/aeolus/manifests/aeolus.pp | 64 +++ recipes/aeolus/manifests/conductor.pp | 308 ++++++++++++ recipes/aeolus/manifests/defaults.pp | 23 + recipes/aeolus/manifests/deltacloud.pp | 53 ++ recipes/aeolus/manifests/image-factory.pp | 64 +++ recipes/aeolus/manifests/init.pp | 63 +++ recipes/aeolus/manifests/iwhd.pp | 57 +++ recipes/aeolus/manifests/rails.pp | 43 ++ recipes/aeolus/manifests/selinux.pp | 13 + recipes/aeolus/templates/deltacloud-core | 103 ++++ recipes/aeolus_recipe/aeolus_stop_services.pp | 32 -- .../aeolus_recipe/files/aggregator-httpd-ssl.conf | 38 -- recipes/aeolus_recipe/files/aggregator-httpd.conf | 26 - recipes/aeolus_recipe/files/condor_config.local | 23 - recipes/aeolus_recipe/files/pg_hba-ssl.conf | 7 - recipes/aeolus_recipe/files/pg_hba.conf | 4 - recipes/aeolus_recipe/files/postgresql.conf | 503 -------------------- recipes/aeolus_recipe/files/qpidd.conf | 25 - recipes/aeolus_recipe/files/solr.conf | 3 - recipes/aeolus_recipe/files/solr.init | 75 --- .../lib/puppet/provider/web_request/curl.rb | 128 ----- .../aeolus_recipe/lib/puppet/type/web_request.rb | 49 -- recipes/aeolus_recipe/manifests/aeolus.pp | 64 --- recipes/aeolus_recipe/manifests/conductor.pp | 308 ------------ recipes/aeolus_recipe/manifests/defaults.pp | 23 - recipes/aeolus_recipe/manifests/deltacloud.pp | 53 -- recipes/aeolus_recipe/manifests/image-factory.pp | 64 --- recipes/aeolus_recipe/manifests/init.pp | 63 --- recipes/aeolus_recipe/manifests/iwhd.pp | 57 --- recipes/aeolus_recipe/manifests/rails.pp | 43 -- recipes/aeolus_recipe/manifests/selinux.pp | 13 - recipes/aeolus_recipe/templates/deltacloud-core | 103 ---- 51 files changed, 1816 insertions(+), 1816 deletions(-) create mode 100644 recipes/aeolus/aeolus_stop_services.pp create mode 100644 recipes/aeolus/files/aggregator-httpd-ssl.conf create mode 100644 recipes/aeolus/files/aggregator-httpd.conf create mode 100644 recipes/aeolus/files/condor_config.local create mode 100644 recipes/aeolus/files/pg_hba-ssl.conf create mode 100644 recipes/aeolus/files/pg_hba.conf create mode 100644 recipes/aeolus/files/postgresql.conf create mode 100644 recipes/aeolus/files/qpidd.conf create mode 100644 recipes/aeolus/files/solr.conf create mode 100644 recipes/aeolus/files/solr.init create mode 100644 recipes/aeolus/lib/puppet/provider/web_request/curl.rb create mode 100644 recipes/aeolus/lib/puppet/type/web_request.rb create mode 100644 recipes/aeolus/manifests/aeolus.pp create mode 100644 recipes/aeolus/manifests/conductor.pp create mode 100644 recipes/aeolus/manifests/defaults.pp create mode 100644 recipes/aeolus/manifests/deltacloud.pp create mode 100644 recipes/aeolus/manifests/image-factory.pp create mode 100644 recipes/aeolus/manifests/init.pp create mode 100644 recipes/aeolus/manifests/iwhd.pp create mode 100644 recipes/aeolus/manifests/rails.pp create mode 100644 recipes/aeolus/manifests/selinux.pp create mode 100644 recipes/aeolus/templates/deltacloud-core delete mode 100644 recipes/aeolus_recipe/aeolus_stop_services.pp delete mode 100644 recipes/aeolus_recipe/files/aggregator-httpd-ssl.conf delete mode 100644 recipes/aeolus_recipe/files/aggregator-httpd.conf delete mode 100644 recipes/aeolus_recipe/files/condor_config.local delete mode 100644 recipes/aeolus_recipe/files/pg_hba-ssl.conf delete mode 100644 recipes/aeolus_recipe/files/pg_hba.conf delete mode 100644 recipes/aeolus_recipe/files/postgresql.conf delete mode 100644 recipes/aeolus_recipe/files/qpidd.conf delete mode 100644 recipes/aeolus_recipe/files/solr.conf delete mode 100644 recipes/aeolus_recipe/files/solr.init delete mode 100644 recipes/aeolus_recipe/lib/puppet/provider/web_request/curl.rb delete mode 100644 recipes/aeolus_recipe/lib/puppet/type/web_request.rb delete mode 100644 recipes/aeolus_recipe/manifests/aeolus.pp delete mode 100644 recipes/aeolus_recipe/manifests/conductor.pp delete mode 100644 recipes/aeolus_recipe/manifests/defaults.pp delete mode 100644 recipes/aeolus_recipe/manifests/deltacloud.pp delete mode 100644 recipes/aeolus_recipe/manifests/image-factory.pp delete mode 100644 recipes/aeolus_recipe/manifests/init.pp delete mode 100644 recipes/aeolus_recipe/manifests/iwhd.pp delete mode 100644 recipes/aeolus_recipe/manifests/rails.pp delete mode 100644 recipes/aeolus_recipe/manifests/selinux.pp delete mode 100644 recipes/aeolus_recipe/templates/deltacloud-core
diff --git a/bin/aeolus-cleanup b/bin/aeolus-cleanup index a45a277..a2ff45f 100644 --- a/bin/aeolus-cleanup +++ b/bin/aeolus-cleanup @@ -2,7 +2,7 @@
export FACTER_AEOLUS_ENABLE_HTTPS=true export FACTER_AEOLUS_ENABLE_SECURITY=false -+puppet /usr/share/aeolus-configure/modules/aeolus_recipe/manifests/defaults.pp \ +puppet /usr/share/aeolus-configure/modules/aeolus/manifests/defaults.pp \ --modulepath=/usr/share/aeolus-configure/modules/ \ --external_nodes '/usr/sbin/aeolus-node cleanup' --node_terminus exec \ --logdest=/var/log/aeolus-configure/aeolus-configure.log \ diff --git a/bin/aeolus-configure b/bin/aeolus-configure index a4fae56..877b62b 100644 --- a/bin/aeolus-configure +++ b/bin/aeolus-configure @@ -2,7 +2,7 @@
export FACTER_AEOLUS_ENABLE_HTTPS=true export FACTER_AEOLUS_ENABLE_SECURITY=false -puppet /usr/share/aeolus-configure/modules/aeolus_recipe/manifests/defaults.pp \ +puppet /usr/share/aeolus-configure/modules/aeolus/manifests/defaults.pp \ --modulepath=/usr/share/aeolus-configure/modules/ \ --external_nodes '/usr/sbin/aeolus-node configure' --node_terminus exec \ --logdest=/var/log/aeolus-configure/aeolus-configure.log \ diff --git a/contrib/aeolus-configure.spec b/contrib/aeolus-configure.spec index f4a9877..b3b1089 100644 --- a/contrib/aeolus-configure.spec +++ b/contrib/aeolus-configure.spec @@ -30,10 +30,10 @@ Aeolus Configure Puppet Recipe
%install rm -rf %{buildroot} -%{__mkdir} -p %{buildroot}/%{dchome}/modules/aeolus_recipe %{buildroot}/%{_sbindir} +%{__mkdir} -p %{buildroot}/%{dchome}/modules/aeolus %{buildroot}/%{_sbindir} %{__mkdir} -p %{buildroot}%{_sysconfdir}/aeolus-configure/nodes %{__cp} -R %{pbuild}/conf/* %{buildroot}%{_sysconfdir}/aeolus-configure/nodes -%{__cp} -R %{pbuild}/recipes/aeolus_recipe/*/ %{buildroot}/%{dchome}/modules/aeolus_recipe +%{__cp} -R %{pbuild}/recipes/aeolus/*/ %{buildroot}/%{dchome}/modules/aeolus %{__cp} -R %{pbuild}/recipes/apache/ %{buildroot}/%{dchome}/modules/apache %{__cp} -R %{pbuild}/recipes/ntp/ %{buildroot}/%{dchome}/modules/ntp %{__cp} -R %{pbuild}/recipes/openssl/ %{buildroot}/%{dchome}/modules/openssl diff --git a/recipes/aeolus/aeolus_stop_services.pp b/recipes/aeolus/aeolus_stop_services.pp new file mode 100644 index 0000000..6d9993e --- /dev/null +++ b/recipes/aeolus/aeolus_stop_services.pp @@ -0,0 +1,32 @@ +#-- +# Copyright (C) 2010 Red Hat Inc. +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Author: Mohammed Morsi mmorsi@redhat.com +#-- + +# +# aeolus uninstallation recipe +# + +# Modules used by the recipe +import "aeolus_recipe/aeolus" + +$services = ["conductor", "core", 'iwhd', 'image-factory'] + +# stop aeolus services +dc::service{$services: + ensure => 'stopped', enable => false} diff --git a/recipes/aeolus/files/aggregator-httpd-ssl.conf b/recipes/aeolus/files/aggregator-httpd-ssl.conf new file mode 100644 index 0000000..5e9a85e --- /dev/null +++ b/recipes/aeolus/files/aggregator-httpd-ssl.conf @@ -0,0 +1,38 @@ +NameVirtualHost *:443 +<VirtualHost *:443> + + ErrorLog /etc/httpd/logs/error_log + TransferLog /etc/httpd/logs/access_log + LogLevel debug + + ProxyRequests Off + SSLEngine On + SSLCertificateFile /etc/pki/tls/certs/localhost.crt + SSLCertificateKeyFile /etc/pki/tls/private/localhost.key + ProxyPreserveHost Off + RequestHeader set X_FORWARDED_PROTO 'https' + +Alias /conductor/stylesheets "/usr/share/aeolus-conductor/public/stylesheets" +Alias /conductor/images "/usr/share/aeolus-conductor/public/images" +Alias /conductor/errors "/usr/share/aeolus-conductor/public/errors" +Alias /conductor/javascripts "/usr/share/aeolus-conductor/public/javascripts" +Alias /fonts "/usr/share/aeolus-conductor/public/fonts" + +ProxyPass /conductor/images ! +ProxyPass /conductor/stylesheets ! +ProxyPass /conductor/errors ! +ProxyPass /conductor http://localhost:3000/conductor +ProxyPassReverse /conductor http://localhost:3000/conductor +ProxyPassReverse /conductor/images ! +ProxyPassReverse /conductor/stylesheets ! +ProxyPassReverse /conductor/errors ! + +</VirtualHost> + +NameVirtualHost *:80 +<VirtualHost *:80> + RewriteEngine On + RewriteCond %{HTTPS} off + RewriteRule /conductor(.*) https://%%7BHTTP_HOST%7D%%7BREQUEST_URI%7D +</VirtualHost> + diff --git a/recipes/aeolus/files/aggregator-httpd.conf b/recipes/aeolus/files/aggregator-httpd.conf new file mode 100644 index 0000000..dc81eba --- /dev/null +++ b/recipes/aeolus/files/aggregator-httpd.conf @@ -0,0 +1,26 @@ +NameVirtualHost *:80 +<VirtualHost *:80> + + ErrorLog /etc/httpd/logs/error_log + TransferLog /etc/httpd/logs/access_log + LogLevel warn + + ProxyRequests Off + +Alias /conductor/stylesheets "/usr/share/aeolus-conductor/public/stylesheets" +Alias /conductor/images "/usr/share/aeolus-conductor/public/images" +Alias /conductor/errors "/usr/share/aeolus-conductor/public/errors" +Alias /conductor/javascripts "/usr/share/aeolus-conductor/public/javascripts" +Alias /fonts "/usr/share/aeolus-conductor/public/fonts" + +ProxyPass /conductor/images ! +ProxyPass /conductor/stylesheets ! +ProxyPass /conductor/errors ! +ProxyPass /conductor http://localhost:3000/conductor +ProxyPassReverse /conductor http://localhost:3000/conductor +ProxyPassReverse /conductor/images ! +ProxyPassReverse /conductor/stylesheets ! +ProxyPassReverse /conductor/errors ! + +</VirtualHost> + diff --git a/recipes/aeolus/files/condor_config.local b/recipes/aeolus/files/condor_config.local new file mode 100644 index 0000000..76a97b5 --- /dev/null +++ b/recipes/aeolus/files/condor_config.local @@ -0,0 +1,23 @@ +ALLOW_WRITE = * +ALLOW_ADMINISTRATOR = * +ALLOW_NEGOTIATOR = * +ALLOW_NEGOTIATOR_SCHEDD = * +COLLECTOR_HOST = localhost + +DAEMON_LIST = MASTER, SCHEDD, COLLECTOR, NEGOTIATOR + +MAX_GRIDMANAGER_LOG = 500000000 +GRIDMANAGER_JOB_PROBE_INTERVAL = 30 + +GRIDMANAGER_DEBUG = D_FULLDEBUG +NEGOTIATOR_DEBUG = D_FULLDEBUG +COLLECTOR_DEBUG = D_FULLDEBUG + +DELTACLOUD_GAHP = $(SBIN)/deltacloud_gahp + +CLASSAD_LIFETIME = 0 + +# for the event log parsing (i.e. dbomatic) +EVENT_LOG=$(LOG)/EventLog +EVENT_LOG_USE_XML=True +EVENT_LOG_JOB_AD_INFORMATION_ATTRS=Owner,GlobalJobId,Cmd,JobStartDate,JobCurrentStartDate,JobFinishedHookDone,DeltacloudProviderId,DeltacloudPublicNetworkAddresses,DeltacloudPrivateNetworkAddresses,DeltacloudAvailableActions,JobStatus,DeltacloudUsername diff --git a/recipes/aeolus/files/pg_hba-ssl.conf b/recipes/aeolus/files/pg_hba-ssl.conf new file mode 100644 index 0000000..722867b --- /dev/null +++ b/recipes/aeolus/files/pg_hba-ssl.conf @@ -0,0 +1,7 @@ +# we are still leaving Unix-domain sockets open, if we want to disable +# make sure to append "sslmode=require" and "-h localhost" to all psql +# commands +local all all trust +hostssl all all 127.0.0.1/32 md5 +hostssl all all ::1/128 md5 + diff --git a/recipes/aeolus/files/pg_hba.conf b/recipes/aeolus/files/pg_hba.conf new file mode 100644 index 0000000..ef3f6f5 --- /dev/null +++ b/recipes/aeolus/files/pg_hba.conf @@ -0,0 +1,4 @@ +local all all trust +host all all 127.0.0.1 255.255.255.255 md5 +host all all ::1/128 md5 + diff --git a/recipes/aeolus/files/postgresql.conf b/recipes/aeolus/files/postgresql.conf new file mode 100644 index 0000000..cf97fce --- /dev/null +++ b/recipes/aeolus/files/postgresql.conf @@ -0,0 +1,503 @@ +# ----------------------------- +# PostgreSQL configuration file +# ----------------------------- +# +# This file consists of lines of the form: +# +# name = value +# +# (The "=" is optional.) Whitespace may be used. Comments are introduced with +# "#" anywhere on a line. The complete list of parameter names and allowed +# values can be found in the PostgreSQL documentation. +# +# The commented-out settings shown in this file represent the default values. +# Re-commenting a setting is NOT sufficient to revert it to the default value; +# you need to reload the server. +# +# This file is read on server startup and when the server receives a SIGHUP +# signal. If you edit the file on a running system, you have to SIGHUP the +# server for the changes to take effect, or use "pg_ctl reload". Some +# parameters, which are marked below, require a server shutdown and restart to +# take effect. +# +# Any parameter can also be given as a command-line option to the server, e.g., +# "postgres -c log_connections=on". Some parameters can be changed at run time +# with the "SET" SQL command. +# +# Memory units: kB = kilobytes Time units: ms = milliseconds +# MB = megabytes s = seconds +# GB = gigabytes min = minutes +# h = hours +# d = days + + +#------------------------------------------------------------------------------ +# FILE LOCATIONS +#------------------------------------------------------------------------------ + +# The default values of these variables are driven from the -D command-line +# option or PGDATA environment variable, represented here as ConfigDir. + +#data_directory = 'ConfigDir' # use data in another directory + # (change requires restart) +#hba_file = 'ConfigDir/pg_hba.conf' # host-based authentication file + # (change requires restart) +#ident_file = 'ConfigDir/pg_ident.conf' # ident configuration file + # (change requires restart) + +# If external_pid_file is not explicitly set, no extra PID file is written. +#external_pid_file = '(none)' # write an extra PID file + # (change requires restart) + + +#------------------------------------------------------------------------------ +# CONNECTIONS AND AUTHENTICATION +#------------------------------------------------------------------------------ + +# - Connection Settings - + +#listen_addresses = 'localhost' # what IP address(es) to listen on; + # comma-separated list of addresses; + # defaults to 'localhost', '*' = all + # (change requires restart) +#port = 5432 # (change requires restart) +max_connections = 100 # (change requires restart) +# Note: Increasing max_connections costs ~400 bytes of shared memory per +# connection slot, plus lock space (see max_locks_per_transaction). +#superuser_reserved_connections = 3 # (change requires restart) +#unix_socket_directory = '' # (change requires restart) +#unix_socket_group = '' # (change requires restart) +#unix_socket_permissions = 0777 # begin with 0 to use octal notation + # (change requires restart) +#bonjour_name = '' # defaults to the computer name + # (change requires restart) + +# - Security and Authentication - + +#authentication_timeout = 1min # 1s-600s +#ssl = off # (change requires restart) +#ssl_ciphers = 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH' # allowed SSL ciphers + # (change requires restart) +#ssl_renegotiation_limit = 512MB # amount of data between renegotiations +#password_encryption = on +#db_user_namespace = off + +# Kerberos and GSSAPI +#krb_server_keyfile = '' +#krb_srvname = 'postgres' # (Kerberos only) +#krb_caseins_users = off + +# - TCP Keepalives - +# see "man 7 tcp" for details + +#tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; + # 0 selects the system default +#tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; + # 0 selects the system default +#tcp_keepalives_count = 0 # TCP_KEEPCNT; + # 0 selects the system default + + +#------------------------------------------------------------------------------ +# RESOURCE USAGE (except WAL) +#------------------------------------------------------------------------------ + +# - Memory - + +shared_buffers = 24MB # min 128kB + # (change requires restart) +#temp_buffers = 8MB # min 800kB +#max_prepared_transactions = 0 # zero disables the feature + # (change requires restart) +# Note: Increasing max_prepared_transactions costs ~600 bytes of shared memory +# per transaction slot, plus lock space (see max_locks_per_transaction). +# It is not advisable to set max_prepared_transactions nonzero unless you +# actively intend to use prepared transactions. +#work_mem = 1MB # min 64kB +#maintenance_work_mem = 16MB # min 1MB +#max_stack_depth = 2MB # min 100kB + +# - Kernel Resource Usage - + +#max_files_per_process = 1000 # min 25 + # (change requires restart) +#shared_preload_libraries = '' # (change requires restart) + +# - Cost-Based Vacuum Delay - + +#vacuum_cost_delay = 0ms # 0-100 milliseconds +#vacuum_cost_page_hit = 1 # 0-10000 credits +#vacuum_cost_page_miss = 10 # 0-10000 credits +#vacuum_cost_page_dirty = 20 # 0-10000 credits +#vacuum_cost_limit = 200 # 1-10000 credits + +# - Background Writer - + +#bgwriter_delay = 200ms # 10-10000ms between rounds +#bgwriter_lru_maxpages = 100 # 0-1000 max buffers written/round +#bgwriter_lru_multiplier = 2.0 # 0-10.0 multipler on buffers scanned/round + +# - Asynchronous Behavior - + +#effective_io_concurrency = 1 # 1-1000. 0 disables prefetching + + +#------------------------------------------------------------------------------ +# WRITE AHEAD LOG +#------------------------------------------------------------------------------ + +# - Settings - + +#fsync = on # turns forced synchronization on or off +#synchronous_commit = on # immediate fsync at commit +#wal_sync_method = fsync # the default is the first option + # supported by the operating system: + # open_datasync + # fdatasync + # fsync + # fsync_writethrough + # open_sync +#full_page_writes = on # recover from partial page writes +#wal_buffers = 64kB # min 32kB + # (change requires restart) +#wal_writer_delay = 200ms # 1-10000 milliseconds + +#commit_delay = 0 # range 0-100000, in microseconds +#commit_siblings = 5 # range 1-1000 + +# - Checkpoints - + +#checkpoint_segments = 3 # in logfile segments, min 1, 16MB each +#checkpoint_timeout = 5min # range 30s-1h +#checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 - 1.0 +#checkpoint_warning = 30s # 0 disables + +# - Archiving - + +#archive_mode = off # allows archiving to be done + # (change requires restart) +#archive_command = '' # command to use to archive a logfile segment +#archive_timeout = 0 # force a logfile segment switch after this + # number of seconds; 0 disables + + +#------------------------------------------------------------------------------ +# QUERY TUNING +#------------------------------------------------------------------------------ + +# - Planner Method Configuration - + +#enable_bitmapscan = on +#enable_hashagg = on +#enable_hashjoin = on +#enable_indexscan = on +#enable_mergejoin = on +#enable_nestloop = on +#enable_seqscan = on +#enable_sort = on +#enable_tidscan = on + +# - Planner Cost Constants - + +#seq_page_cost = 1.0 # measured on an arbitrary scale +#random_page_cost = 4.0 # same scale as above +#cpu_tuple_cost = 0.01 # same scale as above +#cpu_index_tuple_cost = 0.005 # same scale as above +#cpu_operator_cost = 0.0025 # same scale as above +#effective_cache_size = 128MB + +# - Genetic Query Optimizer - + +#geqo = on +#geqo_threshold = 12 +#geqo_effort = 5 # range 1-10 +#geqo_pool_size = 0 # selects default based on effort +#geqo_generations = 0 # selects default based on effort +#geqo_selection_bias = 2.0 # range 1.5-2.0 + +# - Other Planner Options - + +#default_statistics_target = 100 # range 1-10000 +#constraint_exclusion = partition # on, off, or partition +#cursor_tuple_fraction = 0.1 # range 0.0-1.0 +#from_collapse_limit = 8 +#join_collapse_limit = 8 # 1 disables collapsing of explicit + # JOIN clauses + + +#------------------------------------------------------------------------------ +# ERROR REPORTING AND LOGGING +#------------------------------------------------------------------------------ + +# - Where to Log - + +#log_destination = 'stderr' # Valid values are combinations of + # stderr, csvlog, syslog and eventlog, + # depending on platform. csvlog + # requires logging_collector to be on. + +# This is used when logging to stderr: +logging_collector = on # Enable capturing of stderr and csvlog + # into log files. Required to be on for + # csvlogs. + # (change requires restart) + +# These are only used if logging_collector is on: +log_directory = 'pg_log' # directory where log files are written, + # can be absolute or relative to PGDATA +log_filename = 'postgresql-%a.log' # log file name pattern, + # can include strftime() escapes +log_truncate_on_rotation = on # If on, an existing log file of the + # same name as the new log file will be + # truncated rather than appended to. + # But such truncation only occurs on + # time-driven rotation, not on restarts + # or size-driven rotation. Default is + # off, meaning append to existing files + # in all cases. +log_rotation_age = 1d # Automatic rotation of logfiles will + # happen after that time. 0 disables. +log_rotation_size = 0 # Automatic rotation of logfiles will + # happen after that much log output. + # 0 disables. + +# These are relevant when logging to syslog: +#syslog_facility = 'LOCAL0' +#syslog_ident = 'postgres' + +#silent_mode = off # Run server silently. + # DO NOT USE without syslog or + # logging_collector + # (change requires restart) + + +# - When to Log - + +#client_min_messages = notice # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # log + # notice + # warning + # error + +#log_min_messages = warning # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic + +#log_error_verbosity = default # terse, default, or verbose messages + +#log_min_error_statement = error # values in order of decreasing detail: + # debug5 + # debug4 + # debug3 + # debug2 + # debug1 + # info + # notice + # warning + # error + # log + # fatal + # panic (effectively off) + +#log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements + # and their durations, > 0 logs only + # statements running at least this number + # of milliseconds + + +# - What to Log - + +#debug_print_parse = off +#debug_print_rewritten = off +#debug_print_plan = off +#debug_pretty_print = on +#log_checkpoints = off +#log_connections = off +#log_disconnections = off +#log_duration = off +#log_hostname = off +#log_line_prefix = '' # special values: + # %u = user name + # %d = database name + # %r = remote host and port + # %h = remote host + # %p = process ID + # %t = timestamp without milliseconds + # %m = timestamp with milliseconds + # %i = command tag + # %c = session ID + # %l = session line number + # %s = session start timestamp + # %v = virtual transaction ID + # %x = transaction ID (0 if none) + # %q = stop here in non-session + # processes + # %% = '%' + # e.g. '<%u%%%d> ' +#log_lock_waits = off # log lock waits >= deadlock_timeout +#log_statement = 'none' # none, ddl, mod, all +#log_temp_files = -1 # log temporary files equal or larger + # than the specified size in kilobytes; + # -1 disables, 0 logs all temp files +#log_timezone = unknown # actually, defaults to TZ environment + # setting + + +#------------------------------------------------------------------------------ +# RUNTIME STATISTICS +#------------------------------------------------------------------------------ + +# - Query/Index Statistics Collector - + +#track_activities = on +#track_counts = on +#track_functions = none # none, pl, all +#track_activity_query_size = 1024 +#update_process_title = on +#stats_temp_directory = 'pg_stat_tmp' + + +# - Statistics Monitoring - + +#log_parser_stats = off +#log_planner_stats = off +#log_executor_stats = off +#log_statement_stats = off + + +#------------------------------------------------------------------------------ +# AUTOVACUUM PARAMETERS +#------------------------------------------------------------------------------ + +#autovacuum = on # Enable autovacuum subprocess? 'on' + # requires track_counts to also be on. +#log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and + # their durations, > 0 logs only + # actions running at least this number + # of milliseconds. +#autovacuum_max_workers = 3 # max number of autovacuum subprocesses +#autovacuum_naptime = 1min # time between autovacuum runs +#autovacuum_vacuum_threshold = 50 # min number of row updates before + # vacuum +#autovacuum_analyze_threshold = 50 # min number of row updates before + # analyze +#autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum +#autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze +#autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum + # (change requires restart) +#autovacuum_vacuum_cost_delay = 20ms # default vacuum cost delay for + # autovacuum, in milliseconds; + # -1 means use vacuum_cost_delay +#autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for + # autovacuum, -1 means use + # vacuum_cost_limit + + +#------------------------------------------------------------------------------ +# CLIENT CONNECTION DEFAULTS +#------------------------------------------------------------------------------ + +# - Statement Behavior - + +#search_path = '"$user",public' # schema names +#default_tablespace = '' # a tablespace name, '' uses the default +#temp_tablespaces = '' # a list of tablespace names, '' uses + # only default tablespace +#check_function_bodies = on +#default_transaction_isolation = 'read committed' +#default_transaction_read_only = off +#session_replication_role = 'origin' +#statement_timeout = 0 # in milliseconds, 0 is disabled +#vacuum_freeze_min_age = 50000000 +#vacuum_freeze_table_age = 150000000 +#xmlbinary = 'base64' +#xmloption = 'content' + +# - Locale and Formatting - + +datestyle = 'iso, mdy' +#intervalstyle = 'postgres' +#timezone = unknown # actually, defaults to TZ environment + # setting +#timezone_abbreviations = 'Default' # Select the set of available time zone + # abbreviations. Currently, there are + # Default + # Australia + # India + # You can create your own file in + # share/timezonesets/. +#extra_float_digits = 0 # min -15, max 2 +#client_encoding = sql_ascii # actually, defaults to database + # encoding + +# These settings are initialized by initdb, but they can be changed. +lc_messages = 'en_US.UTF-8' # locale for system error message + # strings +lc_monetary = 'en_US.UTF-8' # locale for monetary formatting +lc_numeric = 'en_US.UTF-8' # locale for number formatting +lc_time = 'en_US.UTF-8' # locale for time formatting + +# default configuration for text search +default_text_search_config = 'pg_catalog.english' + +# - Other Defaults - + +#dynamic_library_path = '$libdir' +#local_preload_libraries = '' + + +#------------------------------------------------------------------------------ +# LOCK MANAGEMENT +#------------------------------------------------------------------------------ + +#deadlock_timeout = 1s +#max_locks_per_transaction = 64 # min 10 + # (change requires restart) +# Note: Each lock table slot uses ~270 bytes of shared memory, and there are +# max_locks_per_transaction * (max_connections + max_prepared_transactions) +# lock table slots. + + +#------------------------------------------------------------------------------ +# VERSION/PLATFORM COMPATIBILITY +#------------------------------------------------------------------------------ + +# - Previous PostgreSQL Versions - + +#add_missing_from = off +#array_nulls = on +#backslash_quote = safe_encoding # on, off, or safe_encoding +#default_with_oids = off +#escape_string_warning = on +#regex_flavor = advanced # advanced, extended, or basic +#sql_inheritance = on +#standard_conforming_strings = off +#synchronize_seqscans = on + +# - Other Platforms and Clients - + +#transform_null_equals = off + + +#------------------------------------------------------------------------------ +# CUSTOMIZED OPTIONS +#------------------------------------------------------------------------------ + +#custom_variable_classes = '' # list of custom variable class names + +ssl = on diff --git a/recipes/aeolus/files/qpidd.conf b/recipes/aeolus/files/qpidd.conf new file mode 100644 index 0000000..da050c0 --- /dev/null +++ b/recipes/aeolus/files/qpidd.conf @@ -0,0 +1,25 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +# Configuration file for qpidd. Entries are of the form: +# name=value +# +# (Note: no spaces on either side of '='). Using default settings: +# "qpidd --help" or "man qpidd" for more details. +cluster-mechanism=ANONYMOUS +auth=no diff --git a/recipes/aeolus/files/solr.conf b/recipes/aeolus/files/solr.conf new file mode 100644 index 0000000..3830292 --- /dev/null +++ b/recipes/aeolus/files/solr.conf @@ -0,0 +1,3 @@ +#Provide a spot for overrides +#RAILS_ENV=production + diff --git a/recipes/aeolus/files/solr.init b/recipes/aeolus/files/solr.init new file mode 100644 index 0000000..f6bdb3c --- /dev/null +++ b/recipes/aeolus/files/solr.init @@ -0,0 +1,75 @@ +#!/bin/bash +# +# +# solr startup script for solr server +# +# chkconfig: - 40 60 +# description: solr is primary server process for the \ +# solr component. +# + +[ -r /etc/sysconfig/solr ] && . /etc/sysconfig/solr + +LOCKFILE="${LOCKFILE:-/var/lock/subsys/solr}" +RAILS_ENV="${RAILS_ENV:-production}" +PIDFILE=/usr/share/aeolus-conductor/tmp/pids/sunspot-solr-$RAILS_ENV.pid +PROG=/usr/bin/rake + +. /etc/init.d/functions + +start() { + echo -n "Starting solr: " + + cd /usr/share/aeolus-conductor; RAILS_ENV=$RAILS_ENV daemon --pidfile=$PIDFILE $PROG sunspot:solr:start + RETVAL=$? + if [ $RETVAL -eq 0 ] && touch $LOCKFILE ; then + echo_success + echo + else + echo_failure + echo + fi +} + +stop() { + echo -n "Shutting down solr: " + RETVAL=$? + cd /usr/share/aeolus-conductor; RAILS_ENV=$RAILS_ENV $PROG sunspot:solr:stop + + if [ $RETVAL -eq 0 ] && rm -f $LOCKFILE ; then + echo_success + echo + else + echo_failure + echo + fi +} + +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart) + stop + start + ;; + reload) + ;; + force-reload) + restart + ;; + status) + status -p $PIDFILE $PROG + RETVAL=$? + ;; + *) + echo "Usage: solr {start|stop|restart|status}" + exit 1 + ;; +esac + +exit $RETVAL + diff --git a/recipes/aeolus/lib/puppet/provider/web_request/curl.rb b/recipes/aeolus/lib/puppet/provider/web_request/curl.rb new file mode 100644 index 0000000..925b865 --- /dev/null +++ b/recipes/aeolus/lib/puppet/provider/web_request/curl.rb @@ -0,0 +1,128 @@ +require 'curb' +require 'uuid' +require 'fileutils' + +# Helper to invoke the web request w/ curl +def web_request(method, uri, request_params, params = {}) + raise Puppet::Error, "Must specify http method and uri" if method.nil? || uri.nil? + + curl = Curl::Easy.new + + if params.has_key?(:cookie) + curl.enable_cookies = true + curl.cookiefile = params[:cookie] + curl.cookiejar = params[:cookie] + end + + curl.follow_location = (params.has_key?(:follow) && params[:follow]) + + case(method) + when 'get' + url = uri + url += ";" + request_params.collect { |k,v| "#{k}=#{v}" }.join("&") unless request_params.nil? + curl.url = url + curl.http_get + return curl + + when 'post' + cparams = [] + request_params.each_pair { |k,v| cparams << Curl::PostField.content(k,v) } unless request_params.nil? + curl.url = uri + curl.http_post(cparams) + return curl + + #when 'put' + #when 'delete' + end +end + +# Helper to verify the response +def verify_result(result, verify = {}) + returns = (verify.has_key?(:returns) && !verify[:returns].nil?) ? verify[:returns] : "200" + returns = [returns] unless returns.is_a? Array + unless returns.include?(result.response_code.to_s) + raise Puppet::Error, "Invalid HTTP Return Code: #{result.response_code}, + was expecting one of #{returns.join(", ")}" + end + + if verify.has_key?(:body) && !verify[:body].nil? && !(result.body_str =~ Regexp.new(verify[:body])) + raise Puppet::Error, "Expecting #{verify[:body]} in the result" + end +end + +# Helper to process/parse web parameters +def process_params(request_method, params, uri) + begin + # Set request method and generate a unique session key + session = "/tmp/#{UUID.new.generate}" + + # Invoke a login request if necessary + if params[:login] + login_params = params[:login].reject { |k,v| ['http_method', 'uri'].include?(k) } + web_request(params[:login]['http_method'], params[:login]['uri'], + login_params, :cookie => session, :follow => params[:follow]).close + end + + # Check to see if we should actually run the request + skip_request = !params[:unless].nil? + if params[:unless] + result = web_request(params[:unless]['http_method'], params[:unless]['uri'], + params[:unless]['parameters'], + :cookie => session, :follow => params[:follow]) + begin + verify_result(result, + :returns => params[:unless]['returns'], + :body => params[:unless]['verify']) + rescue Puppet::Error => e + skip_request = false + end + result.close + end + return if skip_request + + # Actually run the request and verify the result + uri = params[:name] if uri.nil? + result = web_request(request_method, uri, params[:parameters], + :cookie => session, :follow => params[:follow]) + verify_result(result, + :returns => params[:returns], + :body => params[:verify]) + result.close + + # Invoke a logout request if necessary + if params[:logout] + logout_params = params[:login].reject { |k,v| ['http_method', 'uri'].include?(k) } + web_request(params[:logout]['http_method'], params[:logout]['uri'], + logout_params, :cookie => session, :follow => params[:follow]).close + end + + rescue Exception => e + raise Puppet::Error, "An exception was raised when invoking web request: #{e}" + + ensure + FileUtils.rm_f(session) if params[:logout] + end +end + +# Puppet provider definition +Puppet::Type.type(:web_request).provide :curl do + desc "Use curl to access web resources" + + def get + @uri + end + + def post + @uri + end + + def get=(uri) + @uri = uri + process_params('get', @resource, uri) + end + + def post=(uri) + @uri = uri + process_params('post', @resource, uri) + end +end diff --git a/recipes/aeolus/lib/puppet/type/web_request.rb b/recipes/aeolus/lib/puppet/type/web_request.rb new file mode 100644 index 0000000..5225633 --- /dev/null +++ b/recipes/aeolus/lib/puppet/type/web_request.rb @@ -0,0 +1,49 @@ +Puppet::Type.newtype(:web_request) do + @doc = "Issue a request via the world wide web" + + newparam :name + + newproperty(:get) do + desc "Issue get request to the specified uri" + # TODO valid value to be a uri + end + + newproperty(:post) do + desc "Issue get request to the specified uri" + # TODO valid value to be a uri + end + + #newproperty(:delete) + #newproperty(:put) + + newparam(:parameters) do + desc "Hash of parameters to include in the web request" + end + + newparam(:returns) do + desc "Expected http return codes of the request" + defaultto "200" + # TODO validate value(s) is among possible valid http return codes + end + + newparam(:follow) do + desc "Boolean indicating if redirects should be followed" + newvalues(:true, :false) + end + + newparam(:verify) do + desc "String to verify as being part of the result" + end + + newparam(:login) do + desc "Login parameters to be used if a login is required before making the request" + end + + newparam(:logout) do + desc "Logout parameters to be used if a logout is requred after making the request" + end + + newparam(:unless) do + desc "Do not run request if the request specified here succeeds" + end +end diff --git a/recipes/aeolus/manifests/aeolus.pp b/recipes/aeolus/manifests/aeolus.pp new file mode 100644 index 0000000..a399771 --- /dev/null +++ b/recipes/aeolus/manifests/aeolus.pp @@ -0,0 +1,64 @@ +# Aeolus puppet definitions + +import "postgres" +import "apache" +import "rails" +import "selinux" +import "ntp" + +import "conductor" +import "deltacloud" +import "iwhd" +import "image-factory" + +if $aeolus_enable_https == "true" or $aeolus_enable_https == "1" { + import "openssl" + $enable_https = true +} else { + $enable_https = false +} + +if $aeolus_enable_security == "true" or $aeolus_enable_security == "1" { + import "openssl" + $enable_security = true +} else { + $enable_security = false +} + + +# Base aeolus class +class aeolus { + package{'curl': ensure => 'installed'} + + # Setup repos which to pull aeolus components + # TODO: Don't hardcode these repos to RHEL-6 + # The issue is that $releasever resolves to something like 6Server + # so we either need to have a repo per RHEL variant, or we need + # to have smarter logic here + $base_url_release = $operatingsystem ? { 'fedora' => "fedora-$releasever", + 'redhat' => 'rhel-6' } + $pulp_base_url_release = $operatingsystem ? { 'fedora' => "fedora-13", + 'redhat' => 'rhel5' } + + yumrepo{"${name}_arch": + name => "${name}_arch", + descr => "${name}_arch", + baseurl => "http://repos.fedorapeople.org/repos/aeolus/packages/$%7Bbase_url_release%7D/...", + enabled => 0, gpgcheck => 0} + yumrepo{"${name}_noarch": + name => "${name}_noarch", + descr => "${name}_noarch", + baseurl => "http://repos.fedorapeople.org/repos/aeolus/packages/$%7Bbase_url_release%7D/...", + enabled => 0, gpgcheck => 0} + +} + +# Create a new provider in aeolus +define aeolus::provider($type, $port, $endpoint=""){ + aeolus::deltacloud{$name: provider_type => $type, endpoint => $endpoint, port => $port} + aeolus::conductor::provider{$name: + type => $type, + url => "http://localhost:$%7Bport%7D/api", + require => Aeolus::Deltacloud[$name] } +} + diff --git a/recipes/aeolus/manifests/conductor.pp b/recipes/aeolus/manifests/conductor.pp new file mode 100644 index 0000000..b3dc3aa --- /dev/null +++ b/recipes/aeolus/manifests/conductor.pp @@ -0,0 +1,308 @@ +# Aeolus conductor puppet definitions + +class aeolus::conductor inherits aeolus { + ### Install the aeolus components + # specific versions of these two packages are needed and we need to pull the third in + package {['aeolus-conductor', + 'aeolus-conductor-daemons']: + ensure => 'installed'} + + # to be renamed to aeolus-connector + package {'rubygem-image_factory_connector': + ensure => 'installed'} + + file {"/var/lib/aeolus-conductor": + ensure => directory } + + ### Setup selinux for deltacloud + selinux::mode{"permissive":} + + ### Start the aeolus services + file {"/var/lib/condor/condor_config.local": + source => "puppet:///modules/aeolus/condor_config.local", + require => Package['aeolus-conductor-daemons'] } + # condor requires an explicit non-localhost hostname + # TODO we can also kill the configure sequence here instead + exec{"/bin/echo 'hostname/domain should be explicitly set and should not be localhost.localdomain'": + logoutput => true, + onlyif => "/usr/bin/test `/bin/hostname` = 'localhost.localdomain'" + } + service { ['condor']: + ensure => 'running', + enable => true, + hasstatus => true, + require => File['/var/lib/condor/condor_config.local'] } + service { ['aeolus-conductor', + 'conductor-warehouse_sync', + 'conductor-dbomatic', + 'conductor-delayed_job']: + ensure => 'running', + enable => true, + hasstatus => true, + require => [Package['aeolus-conductor-daemons'], + Rails::Migrate::Db[migrate_aeolus_database], + Service['condor', 'httpd']] } + + service{ 'aeolus-connector': + ensure => 'running', + enable => true, + hasstatus => true, + require => [Package['rubygem-image_factory_connector'], + Service[qpidd]]} + + ### Initialize and start the aeolus database + # Right now we configure and start postgres, at some point I want + # to make the db that gets setup configurable + include postgres::server + if $enable_security { + openssl::certificate{"/var/lib/pgsql/data/server": + user => 'postgres', + group => 'postgres', + require => Exec["pginitdb"], + notify => Service['postgresql']} + # since we're self signing for now, use the same certificate for the root + file { "/var/lib/pgsql/data/root.crt": + require => Openssl::Certificate["/var/lib/pgsql/data/server"], + source => "/var/lib/pgsql/data/server.crt", + owner => 'postgres', + group => 'postgres', + notify => Service['postgresql'] } + file { "/var/lib/pgsql/data/pg_hba.conf": + source => "puppet:///modules/aeolus/pg_hba-ssl.conf", + require => Exec["pginitdb"], + owner => 'postgres', + group => 'postgres', + notify => Service['postgresql']} + file { "/var/lib/pgsql/data/postgresql.conf": + source => "puppet:///modules/aeolus/postgresql.conf", + require => Exec["pginitdb"], + owner => 'postgres', + group => 'postgres', + notify => Service['postgresql']} + } else { + file { "/var/lib/pgsql/data/pg_hba.conf": + source => "puppet:///modules/aeolus/pg_hba.conf", + require => Exec["pginitdb"], + notify => Service['postgresql']} + } + postgres::user{"aeolus": + password => "v23zj59an", + roles => "CREATEDB", + require => [Service["postgresql"], File["/var/lib/pgsql/data/pg_hba.conf"]] } + + + # Create aeolus database + rails::create::db{"create_aeolus_database": + cwd => "/usr/share/aeolus-conductor", + rails_env => "production", + require => [Postgres::User[aeolus], Package['aeolus-conductor']] } + rails::migrate::db{"migrate_aeolus_database": + cwd => "/usr/share/aeolus-conductor", + rails_env => "production", + require => [Rails::Create::Db[create_aeolus_database], Service['solr']]} + rails::seed::db{"seed_aeolus_database": + cwd => "/usr/share/aeolus-conductor", + rails_env => "production", + require => Rails::Migrate::Db[migrate_aeolus_database]} + + ### Prepare the image package repositories + exec{"dc_prepare_repos": + cwd => '/usr/share/aeolus-conductor', + environment => "RAILS_ENV=production", + command => "/usr/bin/rake dc:prepare_repos", + require => Package['aeolus-conductor'] } + + + ### Setup/start solr search service + file{"/etc/init.d/solr": + source => 'puppet:///modules/aeolus/solr.init', + mode => 755 + } + + file{"/etc/sysconfig/solr": + source => 'puppet:///modules/aeolus/solr.conf', + mode => 755 + } + # TODO we manually have to install java for solr, we should remove this once this is a dep in the solr rpm + package{"java-1.6.0-openjdk": + ensure => "installed" } + service{"solr": + hasstatus => "false", + pattern => "jetty.port=8983", + ensure => 'running', + enable => 'true', + require => [File['/etc/init.d/solr', '/etc/init.d/solr'], + Package["java-1.6.0-openjdk"], + Package['aeolus-conductor'], + Rails::Create::Db['create_aeolus_database']]} + + exec{"build_solr_index": + cwd => "/usr/share/aeolus-conductor", + command => "/usr/bin/rake sunspot:reindex", + logoutput => true, + environment => "RAILS_ENV=production", + require => Rails::Migrate::Db['migrate_aeolus_database']} + + + ### Setup apache for deltacloud + include apache + if $enable_https { + apache::site{"aeolus-conductor": source => 'puppet:///modules/aeolus/aggregator-httpd-ssl.conf'} + } else{ + apache::site{"aeolus-conductor": source => 'puppet:///modules/aeolus/aggregator-httpd.conf'} + } + + ### Setup sshd for deltacloud + package { "openssh-server": ensure => installed } + service{"sshd": + require => Package["openssh-server"], + ensure => 'running', + enable => 'true' } +} + +class aeolus::conductor::seed_data { + aeolus::create_bucket{"aeolus":} + + aeolus::site_admin{"$admin_user": + email => 'dcuser@aeolusproject.org', + password => "$admin_password", + first_name => 'aeolus', + last_name => 'user'} + + aeolus::provider{"mock": + type => 'mock', + port => 3002, + require => Aeolus::Site_admin["admin"] } + + aeolus::provider{"ec2-us-east-1": + type => 'ec2', + endpoint => 'us-east-1', + port => 3003, + require => Aeolus::Site_admin["admin"] } + + aeolus::provider{"ec2-us-west-1": + type => 'ec2', + endpoint => 'us-west-1', + port => 3004, + require => Aeolus::Site_admin["admin"] } + + aeolus::conductor::hwp{"hwp1": + memory => "1", + cpu => "1", + storage => "1", + architecture => "x86_64", + require => Aeolus::Site_admin["admin"] } + +} + +class aeolus::conductor::remove_seed_data { + aeolus::deltacloud::disabled{"mock": } + aeolus::deltacloud::disabled{"ec2-us-east-1": } + aeolus::deltacloud::disabled{"ec2-us-west-1": } +} + +class aeolus::conductor::disabled { + file {"/var/lib/aeolus-conductor": + ensure => absent, + force => true + } + + ### Stop the aeolus services + service { ['condor', 'httpd']: + ensure => 'stopped', + enable => false, + require => Service['aeolus-conductor', + 'conductor-warehouse_sync', + 'conductor-dbomatic', + 'conductor-delayed_job'] } + service { ['aeolus-conductor', + 'conductor-warehouse_sync', + 'conductor-dbomatic', + 'conductor-delayed_job', + 'aeolus-connector']: + ensure => 'stopped', + enable => false, + hasstatus => true } + + ### Destroy the aeolus database + rails::drop::db{"drop_aeolus_database": + cwd => "/usr/share/aeolus-conductor", + rails_env => "production", + require => Service["aeolus-conductor", + 'conductor-warehouse_sync', + "conductor-dbomatic", + "conductor-delayed_job"]} + postgres::user{"aeolus": + ensure => 'dropped', + require => Rails::Drop::Db["drop_aeolus_database"]} + + ### stop solr search service + service{"solr": + hasstatus => false, + stop => "cd /usr/share/aeolus-conductor;RAILS_ENV=production /usr/bin/rake sunspot:solr:stop", + pattern => "solr", + ensure => 'stopped', + require => Service['aeolus-conductor']} +} + +# Create a new site admin conductor web user +define aeolus::site_admin($email="", $password="", $first_name="", $last_name=""){ + exec{"create_site_admin_user": + cwd => '/usr/share/aeolus-conductor', + environment => "RAILS_ENV=production", + command => "/usr/bin/rake dc:create_user[${name}] email=${email} password=${password} first_name=${first_name} last_name=${last_name}", + logoutput => true, + unless => "/usr/bin/test `psql conductor aeolus -P tuples_only -c "select count(*) from users where login = '${name}';"` = "1"", + require => Rails::Seed::Db["seed_aeolus_database"]} + exec{"grant_site_admin_privs": + cwd => '/usr/share/aeolus-conductor', + environment => "RAILS_ENV=production", + command => "/usr/bin/rake dc:site_admin[${name}]", + logoutput => true, + unless => "/usr/bin/test `psql conductor aeolus -P tuples_only -c "select count(*) FROM roles INNER JOIN permissions ON (roles.id = permissions.role_id) INNER JOIN users ON (permissions.user_id = users.id) where roles.name = 'Administrator' AND users.login = '${name}';"` = "1"", + require => Exec[create_site_admin_user]} +} + +# Create a new provider via the conductor +define aeolus::conductor::provider($type="",$url=""){ + web_request{ "provider-$name": + post => "https://localhost/conductor/providers", + parameters => { 'provider[name]' => $name, 'provider[url]' => $url, + 'provider[provider_type_codename]' => $type }, + returns => '200', + verify => '.*Provider added.*', + follow => true, + unless => { 'http_method' => 'get', + 'uri' => 'https://localhost/conductor/providers', + 'verify' => ".*$name.*" }, + require => Service['aeolus-conductor'] + } +} + +define aeolus::conductor::hwp($memory='', $cpu='', $storage='', $architecture=''){ + web_request{ "hwp-$name": + post => "https://localhost/conductor/hardware_profiles", + parameters => {'hardware_profile[name]' => $name, + 'hardware_profile[memory_attributes][value]' => $memory, + 'hardware_profile[cpu_attributes][value]' => $cpu, + 'hardware_profile[storage_attributes][value]' => $storage, + 'hardware_profile[architecture_attributes][value]' => $architecture, + 'hardware_profile[memory_attributes][name]' => 'memory', + 'hardware_profile[memory_attributes][unit]' => 'MB', + 'hardware_profile[cpu_attributes][name]' => 'cpu', + 'hardware_profile[cpu_attributes][unit]' => 'count', + 'hardware_profile[storage_attributes][name]' => 'storage', + 'hardware_profile[storage_attributes][unit]' => 'GB', + 'hardware_profile[architecture_attributes][name]' => 'architecture', + 'hardware_profile[architecture_attributes][unit]' => 'label', + 'commit' => 'Save'}, + returns => '200', + #verify => '.*Hardware profile added.*', + follow => true, + unless => { 'http_method' => 'get', + 'uri' => 'https://localhost/conductor/hardware_profiles', + 'verify' => ".*$name.*" }, + require => Service['aeolus-conductor'] + } +} + diff --git a/recipes/aeolus/manifests/defaults.pp b/recipes/aeolus/manifests/defaults.pp new file mode 100644 index 0000000..f2fc891 --- /dev/null +++ b/recipes/aeolus/manifests/defaults.pp @@ -0,0 +1,23 @@ +#Set up some defaults + +#Use rpm because it will fail because we don't provide source. +#This is an easy mechanism to have puppet fail when packages +#aren't installed, but also an easy way to tune it back to +#the behavior of installing packages that are missing by +#switching back to yum + +Package {provider => 'rpm'} + +$admin_user='admin' +$admin_password='password' + +# Setup the default login/logout targets for web requests +Web_request{ + login => { 'http_method' => 'post', + 'uri' => 'https://localhost/conductor/user_session', + 'user_session[login]' => "$admin_user", + 'user_session[password]' => "$admin_password", + 'commit' => 'submit' }, + logout => { 'http_method' => 'post', + 'uri' => 'https://localhost/conductor/logout' } +} diff --git a/recipes/aeolus/manifests/deltacloud.pp b/recipes/aeolus/manifests/deltacloud.pp new file mode 100644 index 0000000..a274e67 --- /dev/null +++ b/recipes/aeolus/manifests/deltacloud.pp @@ -0,0 +1,53 @@ +# Aeolus deltacloud puppet definitions + +class aeolus::deltacloud::core { + ### Install the aeolus components + include aeolus + + package { 'deltacloud-core': + ensure => 'installed', require => Yumrepo['aeolus_arch', 'aeolus_noarch']} +} + +class aeolus::deltacloud::ec2 { + ### Install the driver-specific components + # install ec2 support, + package { "rubygem-aws": + ensure => 'installed' } +} + + +# install the deltacloud component w/ the specified driver +define aeolus::deltacloud($provider_type="", $endpoint='', $port="3002") { + include aeolus::deltacloud::core + + if $provider_type == "ec2" { + include aeolus::deltacloud::ec2 + } + + ### we need to sync time to communicate w/ cloud providers + include ntp::client + + ### Start the aeolus services + file { "/var/log/deltacloud-${name}": ensure => 'directory' } + file {"/etc/init.d/deltacloud-${name}": + content => template("aeolus/deltacloud-core"), + mode => 755 } + service { "deltacloud-${name}": + ensure => 'running', + enable => true, + require => [Package['deltacloud-core'], + Package['rubygem-aws'], + File["/etc/init.d/deltacloud-${name}", "/var/log/deltacloud-${name}"]] } +} + +define aeolus::deltacloud::disabled() { + ### Stop the aeolus services + service { "deltacloud-${name}": + ensure => 'stopped', + enable => false, + hasstatus => true} + file {"/etc/init.d/deltacloud-${name}": + ensure => absent, + require => Service["deltacloud-${name}"]} +} + diff --git a/recipes/aeolus/manifests/image-factory.pp b/recipes/aeolus/manifests/image-factory.pp new file mode 100644 index 0000000..1a75bd6 --- /dev/null +++ b/recipes/aeolus/manifests/image-factory.pp @@ -0,0 +1,64 @@ +# Aeolus image factory puppet definitions + +class aeolus::image-factory inherits aeolus { + + package { 'libvirt': + ensure=> 'installed' + } + package { 'imagefactory': + ensure => 'installed', + require => [Yumrepo['aeolus_arch', 'aeolus_noarch']] + } + package { 'qpid-cpp-server': + ensure => 'installed' } + + ### Configure pulp to fetch from Fedora + # TODO uncomment when factory/warehouse uses pulp + #exec{"pulp_fedora_config": + # command => "/usr/bin/pulp-admin -u admin -p admin repo create --id=fedora-repo --feed yum:http://download.fedora.redhat.com/pub/fedora/linux/updates/13/x86_64/" + #} + + ### Start the aeolus services + file { "/etc/qpidd.conf": + source => "puppet:///modules/aeolus/qpidd.conf", + mode => 644 } + service {'qpidd': + ensure => 'running', + enable => true, + require => [File['/etc/qpidd.conf'], + Package['qpid-cpp-server']]} + file { "/var/tmp/imagefactory-mock": + ensure => "directory", + mode => 755 } + service {'libvirtd': + ensure => 'running', + enable => true, + hasstatus => true, + require => Package['libvirt']} + $requires = [Package['imagefactory'], + File['/var/tmp/imagefactory-mock'], + Service[qpidd], Service[libvirtd], + Rails::Seed::Db[seed_aeolus_database]] + service { 'imagefactory': + ensure => 'running', + enable => true, + hasstatus => true, + require => $requires} +} + +class aeolus::image-factory::disabled { + ### Stop the aeolus services + service {'qpidd': + ensure => 'stopped', + enable => false, + require => Service['imagefactory']} + + service { 'imagefactory': + ensure => 'stopped', + hasstatus => true, + enable => false} + + ### Destroy and cleanup aeolus artifacts + exec{"remove_aeolus_templates": command => "/bin/rm -rf /templates"} +} + diff --git a/recipes/aeolus/manifests/init.pp b/recipes/aeolus/manifests/init.pp new file mode 100644 index 0000000..e3e601c --- /dev/null +++ b/recipes/aeolus/manifests/init.pp @@ -0,0 +1,63 @@ +# Aeolus puppet definitions + +import "postgres" +import "apache" +import "rails" +import "selinux" +import "ntp" + +import "conductor" +import "deltacloud" +import "iwhd" +import "image-factory" + +if $aeolus_enable_https == "true" or $aeolus_enable_https == "1" { + import "openssl" + $enable_https = true +} else { + $enable_https = false +} + +if $aeolus_enable_security == "true" or $aeolus_enable_security == "1" { + import "openssl" + $enable_security = true +} else { + $enable_security = false +} + + +# Base aeolus class +class aeolus { + package{'curl': ensure => 'installed'} + + # Setup repos which to pull aeolus components + # TODO: Don't hardcode these repos to RHEL-6 + # The issue is that $releasever resolves to something like 6Server + # so we either need to have a repo per RHEL variant, or we need + # to have smarter logic here + $base_url_release = $operatingsystem ? { 'fedora' => "fedora-$releasever", + 'redhat' => 'rhel-6' } + $pulp_base_url_release = $operatingsystem ? { 'fedora' => "fedora-13", + 'redhat' => 'rhel5' } + + yumrepo{"${name}_arch": + name => "${name}_arch", + descr => "${name}_arch", + baseurl => "http://repos.fedorapeople.org/repos/aeolus/packages/$%7Bbase_url_release%7D/...", + enabled => 0, gpgcheck => 0} + yumrepo{"${name}_noarch": + name => "${name}_noarch", + descr => "${name}_noarch", + baseurl => "http://repos.fedorapeople.org/repos/aeolus/packages/$%7Bbase_url_release%7D/...", + enabled => 0, gpgcheck => 0} + +} + +# Create a new provider in aeolus +define aeolus::provider($type, $port, $endpoint=""){ + aeolus::deltacloud{$name: provider_type => $type, endpoint => $endpoint, port => $port} + aeolus::conductor::provider{$name: + type => $type, + url => "http://localhost:$%7Bport%7D/api", + require => Aeolus::Deltacloud[$name] } +} diff --git a/recipes/aeolus/manifests/iwhd.pp b/recipes/aeolus/manifests/iwhd.pp new file mode 100644 index 0000000..d012258 --- /dev/null +++ b/recipes/aeolus/manifests/iwhd.pp @@ -0,0 +1,57 @@ +# aeolus iwhd puppet definitions + +class aeolus::iwhd inherits aeolus { + ### Install the deltacloud components + package { 'iwhd': + ensure => 'installed', + require => Yumrepo['aeolus_arch', 'aeolus_noarch'] } + + package { 'mongodb-server': + ensure => 'installed' } + + ### Start the aeolus services + file { "/data": ensure => 'directory' } + file { "/data/db": ensure => 'directory' } + file { "/etc/iwhd": ensure => 'directory'} + + service { 'mongod': + ensure => 'running', + enable => true, + require => [Package['mongodb-server'], File["/data/db"]]} + + service { 'iwhd': + ensure => 'running', + enable => true, + hasstatus => true, + require => [Package['iwhd'], + Service[mongod]]} + + # XXX ugly hack but iwhd might take some time to come up + exec{"iwhd_startup_pause": + command => "/bin/sleep 2", + unless => '/usr/bin/curl http://localhost:9090', + logoutput => true, + require => Service['iwhd']} +} + +class aeolus::iwhd::disabled { + ### Stop the aeolus services + service { 'mongod': + ensure => 'stopped', + enable => false, + require => Service[iwhd]} + + service { 'iwhd': + ensure => 'stopped', + enable => false, + hasstatus => true} +} + +# Create a named bucket in iwhd +define aeolus::create_bucket(){ + exec{"create-bucket-${name}": + command => "/usr/bin/curl -X PUT http://localhost:9090/templates", + logoutput => true, + require => [Exec['iwhd_startup_pause'], Package[curl]] } +} + diff --git a/recipes/aeolus/manifests/rails.pp b/recipes/aeolus/manifests/rails.pp new file mode 100644 index 0000000..5586a8d --- /dev/null +++ b/recipes/aeolus/manifests/rails.pp @@ -0,0 +1,43 @@ +# Some convenience routines for rails + +define rails::create::db($cwd="", $rails_env=""){ + exec{"create_rails_database": + cwd => $cwd, + environment => "RAILS_ENV=${rails_env}", + logoutput => true, + command => "/usr/bin/rake db:create"} + +} + +define rails::migrate::db($cwd="", $rails_env=""){ + exec{"migrate_rails_database": + cwd => $cwd, + environment => "RAILS_ENV=${rails_env}", + command => "/usr/bin/rake db:migrate"} +} + +define rails::seed::db($cwd="", $rails_env=""){ + exec{"seed_rails_database": + cwd => $cwd, + environment => "RAILS_ENV=${rails_env}", + command => "/usr/bin/rake db:seed", + logoutput => true, + creates => "/var/lib/aeolus-conductor/${rails_env}.seed" + } + + file{"/var/lib/aeolus-conductor/${rails_env}.seed": + ensure => present, + recurse => true, + require => [Exec['seed_rails_database'], File['/var/lib/aeolus-conductor']] + } +} + +define rails::drop::db($cwd="", $rails_env=""){ + exec{"drop_rails_database": + cwd => $cwd, + onlyif => "/usr/bin/test -f ${cwd}/Rakefile", + environment => "RAILS_ENV=${rails_env}", + logoutput => true, + command => "/usr/bin/rake db:drop"} +} + diff --git a/recipes/aeolus/manifests/selinux.pp b/recipes/aeolus/manifests/selinux.pp new file mode 100644 index 0000000..0424c36 --- /dev/null +++ b/recipes/aeolus/manifests/selinux.pp @@ -0,0 +1,13 @@ +# Some convenience routines for selinux + +define selinux::mode(){ + $mode = $name ? { + 'permissive' => '0', + 'enforcing' => '1' + } + exec{"set_selinux_${name}": + command => "/usr/sbin/setenforce ${mode}", + unless => "/usr/bin/test 'Disabled' = `/usr/sbin/getenforce`" + } +} + diff --git a/recipes/aeolus/templates/deltacloud-core b/recipes/aeolus/templates/deltacloud-core new file mode 100644 index 0000000..0f52b65 --- /dev/null +++ b/recipes/aeolus/templates/deltacloud-core @@ -0,0 +1,103 @@ +#!/bin/bash +# +# +# deltacloud-core startup script for deltacloud-core server +# +# chkconfig: - 97 03 +# description: deltacloud-core is primary server process for the \ +# Deltacloud Core component. +# + +[ -r /etc/sysconfig/deltacloud-<%= name %> ] && . /etc/sysconfig/deltacloud-<%= name %> + +ENV="${ENV:-production}" +DRIVER="${DRIVER:-<%= provider_type %>}" +PORT="${PORT:-<%= port %>}" +LOCKFILE="${LOCKFILE:-/var/lock/subsys/deltacloud-<%= name %> }" +LOGFILE="${LOGFILE:-/var/log/deltacloud-<%= name %>/$DRIVER.log}" +PIDFILE="${THIN_PID:-/var/run/deltacloud-<%= name %>.pid}" +export DELTACLOUD_MOCK_STORAGE=/usr/lib/ruby/gems/1.8/gems/deltacloud-<%= name %>-0.3.0/lib/deltacloud/drivers/mock/data/ + +PROG=/usr/bin/deltacloudd + +STARTTIMEOUT=20 + +. /etc/init.d/functions + +start() { + echo -n "Starting deltacloud-<%= name %>: " + + if [ -f $LOCKFILE ] || [ -f $PIDFILE ] && checkpid `cat $PIDFILE` ; then + echo_success + echo + echo "deltacloud-$DRIVER has already been started" + exit 0 + fi + + $PROG -i $DRIVER -e $ENV -p $PORT <%= "--provider #{endpoint}" unless endpoint == "" %> >> $LOGFILE 2>&1 & + RETVAL=$? + echo $! > $PIDFILE + if [ $RETVAL -eq 0 ] ; then + TIMEOUT="$STARTTIMEOUT" + while [ $TIMEOUT -gt 0 ]; do + /usr/bin/curl --silent http://localhost:$PORT/api >& /dev/null + RETVAL=$? + if [ $RETVAL -eq 0 ] ; then + touch $LOCKFILE + echo_success + echo + exit 0 + fi + sleep 1 + let TIMEOUT=${TIMEOUT}-1 + done + fi + + echo_failure + echo + exit 1 +} + +stop() { + echo -n "Shutting down deltacloud-<%= name %>: " + + # FIXME! we need to do a killproc -p <pidfile> here to ensure other deltacloud + # daemons are not killed as well + killproc -p $PIDFILE deltacloudd + RETVAL=$? + if [ $RETVAL -eq 0 ] && rm -f $LOCKFILE ; then + echo_success + echo + else + echo_failure + echo + fi +} + +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart) + stop + start + ;; + reload) + ;; + force-reload) + restart + ;; + status) + status -p $PIDFILE $PROG + RETVAL=$? + ;; + *) + echo "Usage: deltacloud-<%= name %> {start|stop|restart|status}" + exit 1 + ;; +esac + +exit $RETVAL diff --git a/recipes/aeolus_recipe/aeolus_stop_services.pp b/recipes/aeolus_recipe/aeolus_stop_services.pp deleted file mode 100644 index 6d9993e..0000000 --- a/recipes/aeolus_recipe/aeolus_stop_services.pp +++ /dev/null @@ -1,32 +0,0 @@ -#-- -# Copyright (C) 2010 Red Hat Inc. -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; either -# version 2.1 of the License, or (at your option) any later version. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -# Author: Mohammed Morsi mmorsi@redhat.com -#-- - -# -# aeolus uninstallation recipe -# - -# Modules used by the recipe -import "aeolus_recipe/aeolus" - -$services = ["conductor", "core", 'iwhd', 'image-factory'] - -# stop aeolus services -dc::service{$services: - ensure => 'stopped', enable => false} diff --git a/recipes/aeolus_recipe/files/aggregator-httpd-ssl.conf b/recipes/aeolus_recipe/files/aggregator-httpd-ssl.conf deleted file mode 100644 index 5e9a85e..0000000 --- a/recipes/aeolus_recipe/files/aggregator-httpd-ssl.conf +++ /dev/null @@ -1,38 +0,0 @@ -NameVirtualHost *:443 -<VirtualHost *:443> - - ErrorLog /etc/httpd/logs/error_log - TransferLog /etc/httpd/logs/access_log - LogLevel debug - - ProxyRequests Off - SSLEngine On - SSLCertificateFile /etc/pki/tls/certs/localhost.crt - SSLCertificateKeyFile /etc/pki/tls/private/localhost.key - ProxyPreserveHost Off - RequestHeader set X_FORWARDED_PROTO 'https' - -Alias /conductor/stylesheets "/usr/share/aeolus-conductor/public/stylesheets" -Alias /conductor/images "/usr/share/aeolus-conductor/public/images" -Alias /conductor/errors "/usr/share/aeolus-conductor/public/errors" -Alias /conductor/javascripts "/usr/share/aeolus-conductor/public/javascripts" -Alias /fonts "/usr/share/aeolus-conductor/public/fonts" - -ProxyPass /conductor/images ! -ProxyPass /conductor/stylesheets ! -ProxyPass /conductor/errors ! -ProxyPass /conductor http://localhost:3000/conductor -ProxyPassReverse /conductor http://localhost:3000/conductor -ProxyPassReverse /conductor/images ! -ProxyPassReverse /conductor/stylesheets ! -ProxyPassReverse /conductor/errors ! - -</VirtualHost> - -NameVirtualHost *:80 -<VirtualHost *:80> - RewriteEngine On - RewriteCond %{HTTPS} off - RewriteRule /conductor(.*) https://%%7BHTTP_HOST%7D%%7BREQUEST_URI%7D -</VirtualHost> - diff --git a/recipes/aeolus_recipe/files/aggregator-httpd.conf b/recipes/aeolus_recipe/files/aggregator-httpd.conf deleted file mode 100644 index dc81eba..0000000 --- a/recipes/aeolus_recipe/files/aggregator-httpd.conf +++ /dev/null @@ -1,26 +0,0 @@ -NameVirtualHost *:80 -<VirtualHost *:80> - - ErrorLog /etc/httpd/logs/error_log - TransferLog /etc/httpd/logs/access_log - LogLevel warn - - ProxyRequests Off - -Alias /conductor/stylesheets "/usr/share/aeolus-conductor/public/stylesheets" -Alias /conductor/images "/usr/share/aeolus-conductor/public/images" -Alias /conductor/errors "/usr/share/aeolus-conductor/public/errors" -Alias /conductor/javascripts "/usr/share/aeolus-conductor/public/javascripts" -Alias /fonts "/usr/share/aeolus-conductor/public/fonts" - -ProxyPass /conductor/images ! -ProxyPass /conductor/stylesheets ! -ProxyPass /conductor/errors ! -ProxyPass /conductor http://localhost:3000/conductor -ProxyPassReverse /conductor http://localhost:3000/conductor -ProxyPassReverse /conductor/images ! -ProxyPassReverse /conductor/stylesheets ! -ProxyPassReverse /conductor/errors ! - -</VirtualHost> - diff --git a/recipes/aeolus_recipe/files/condor_config.local b/recipes/aeolus_recipe/files/condor_config.local deleted file mode 100644 index 76a97b5..0000000 --- a/recipes/aeolus_recipe/files/condor_config.local +++ /dev/null @@ -1,23 +0,0 @@ -ALLOW_WRITE = * -ALLOW_ADMINISTRATOR = * -ALLOW_NEGOTIATOR = * -ALLOW_NEGOTIATOR_SCHEDD = * -COLLECTOR_HOST = localhost - -DAEMON_LIST = MASTER, SCHEDD, COLLECTOR, NEGOTIATOR - -MAX_GRIDMANAGER_LOG = 500000000 -GRIDMANAGER_JOB_PROBE_INTERVAL = 30 - -GRIDMANAGER_DEBUG = D_FULLDEBUG -NEGOTIATOR_DEBUG = D_FULLDEBUG -COLLECTOR_DEBUG = D_FULLDEBUG - -DELTACLOUD_GAHP = $(SBIN)/deltacloud_gahp - -CLASSAD_LIFETIME = 0 - -# for the event log parsing (i.e. dbomatic) -EVENT_LOG=$(LOG)/EventLog -EVENT_LOG_USE_XML=True -EVENT_LOG_JOB_AD_INFORMATION_ATTRS=Owner,GlobalJobId,Cmd,JobStartDate,JobCurrentStartDate,JobFinishedHookDone,DeltacloudProviderId,DeltacloudPublicNetworkAddresses,DeltacloudPrivateNetworkAddresses,DeltacloudAvailableActions,JobStatus,DeltacloudUsername diff --git a/recipes/aeolus_recipe/files/pg_hba-ssl.conf b/recipes/aeolus_recipe/files/pg_hba-ssl.conf deleted file mode 100644 index 722867b..0000000 --- a/recipes/aeolus_recipe/files/pg_hba-ssl.conf +++ /dev/null @@ -1,7 +0,0 @@ -# we are still leaving Unix-domain sockets open, if we want to disable -# make sure to append "sslmode=require" and "-h localhost" to all psql -# commands -local all all trust -hostssl all all 127.0.0.1/32 md5 -hostssl all all ::1/128 md5 - diff --git a/recipes/aeolus_recipe/files/pg_hba.conf b/recipes/aeolus_recipe/files/pg_hba.conf deleted file mode 100644 index ef3f6f5..0000000 --- a/recipes/aeolus_recipe/files/pg_hba.conf +++ /dev/null @@ -1,4 +0,0 @@ -local all all trust -host all all 127.0.0.1 255.255.255.255 md5 -host all all ::1/128 md5 - diff --git a/recipes/aeolus_recipe/files/postgresql.conf b/recipes/aeolus_recipe/files/postgresql.conf deleted file mode 100644 index cf97fce..0000000 --- a/recipes/aeolus_recipe/files/postgresql.conf +++ /dev/null @@ -1,503 +0,0 @@ -# ----------------------------- -# PostgreSQL configuration file -# ----------------------------- -# -# This file consists of lines of the form: -# -# name = value -# -# (The "=" is optional.) Whitespace may be used. Comments are introduced with -# "#" anywhere on a line. The complete list of parameter names and allowed -# values can be found in the PostgreSQL documentation. -# -# The commented-out settings shown in this file represent the default values. -# Re-commenting a setting is NOT sufficient to revert it to the default value; -# you need to reload the server. -# -# This file is read on server startup and when the server receives a SIGHUP -# signal. If you edit the file on a running system, you have to SIGHUP the -# server for the changes to take effect, or use "pg_ctl reload". Some -# parameters, which are marked below, require a server shutdown and restart to -# take effect. -# -# Any parameter can also be given as a command-line option to the server, e.g., -# "postgres -c log_connections=on". Some parameters can be changed at run time -# with the "SET" SQL command. -# -# Memory units: kB = kilobytes Time units: ms = milliseconds -# MB = megabytes s = seconds -# GB = gigabytes min = minutes -# h = hours -# d = days - - -#------------------------------------------------------------------------------ -# FILE LOCATIONS -#------------------------------------------------------------------------------ - -# The default values of these variables are driven from the -D command-line -# option or PGDATA environment variable, represented here as ConfigDir. - -#data_directory = 'ConfigDir' # use data in another directory - # (change requires restart) -#hba_file = 'ConfigDir/pg_hba.conf' # host-based authentication file - # (change requires restart) -#ident_file = 'ConfigDir/pg_ident.conf' # ident configuration file - # (change requires restart) - -# If external_pid_file is not explicitly set, no extra PID file is written. -#external_pid_file = '(none)' # write an extra PID file - # (change requires restart) - - -#------------------------------------------------------------------------------ -# CONNECTIONS AND AUTHENTICATION -#------------------------------------------------------------------------------ - -# - Connection Settings - - -#listen_addresses = 'localhost' # what IP address(es) to listen on; - # comma-separated list of addresses; - # defaults to 'localhost', '*' = all - # (change requires restart) -#port = 5432 # (change requires restart) -max_connections = 100 # (change requires restart) -# Note: Increasing max_connections costs ~400 bytes of shared memory per -# connection slot, plus lock space (see max_locks_per_transaction). -#superuser_reserved_connections = 3 # (change requires restart) -#unix_socket_directory = '' # (change requires restart) -#unix_socket_group = '' # (change requires restart) -#unix_socket_permissions = 0777 # begin with 0 to use octal notation - # (change requires restart) -#bonjour_name = '' # defaults to the computer name - # (change requires restart) - -# - Security and Authentication - - -#authentication_timeout = 1min # 1s-600s -#ssl = off # (change requires restart) -#ssl_ciphers = 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH' # allowed SSL ciphers - # (change requires restart) -#ssl_renegotiation_limit = 512MB # amount of data between renegotiations -#password_encryption = on -#db_user_namespace = off - -# Kerberos and GSSAPI -#krb_server_keyfile = '' -#krb_srvname = 'postgres' # (Kerberos only) -#krb_caseins_users = off - -# - TCP Keepalives - -# see "man 7 tcp" for details - -#tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; - # 0 selects the system default -#tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; - # 0 selects the system default -#tcp_keepalives_count = 0 # TCP_KEEPCNT; - # 0 selects the system default - - -#------------------------------------------------------------------------------ -# RESOURCE USAGE (except WAL) -#------------------------------------------------------------------------------ - -# - Memory - - -shared_buffers = 24MB # min 128kB - # (change requires restart) -#temp_buffers = 8MB # min 800kB -#max_prepared_transactions = 0 # zero disables the feature - # (change requires restart) -# Note: Increasing max_prepared_transactions costs ~600 bytes of shared memory -# per transaction slot, plus lock space (see max_locks_per_transaction). -# It is not advisable to set max_prepared_transactions nonzero unless you -# actively intend to use prepared transactions. -#work_mem = 1MB # min 64kB -#maintenance_work_mem = 16MB # min 1MB -#max_stack_depth = 2MB # min 100kB - -# - Kernel Resource Usage - - -#max_files_per_process = 1000 # min 25 - # (change requires restart) -#shared_preload_libraries = '' # (change requires restart) - -# - Cost-Based Vacuum Delay - - -#vacuum_cost_delay = 0ms # 0-100 milliseconds -#vacuum_cost_page_hit = 1 # 0-10000 credits -#vacuum_cost_page_miss = 10 # 0-10000 credits -#vacuum_cost_page_dirty = 20 # 0-10000 credits -#vacuum_cost_limit = 200 # 1-10000 credits - -# - Background Writer - - -#bgwriter_delay = 200ms # 10-10000ms between rounds -#bgwriter_lru_maxpages = 100 # 0-1000 max buffers written/round -#bgwriter_lru_multiplier = 2.0 # 0-10.0 multipler on buffers scanned/round - -# - Asynchronous Behavior - - -#effective_io_concurrency = 1 # 1-1000. 0 disables prefetching - - -#------------------------------------------------------------------------------ -# WRITE AHEAD LOG -#------------------------------------------------------------------------------ - -# - Settings - - -#fsync = on # turns forced synchronization on or off -#synchronous_commit = on # immediate fsync at commit -#wal_sync_method = fsync # the default is the first option - # supported by the operating system: - # open_datasync - # fdatasync - # fsync - # fsync_writethrough - # open_sync -#full_page_writes = on # recover from partial page writes -#wal_buffers = 64kB # min 32kB - # (change requires restart) -#wal_writer_delay = 200ms # 1-10000 milliseconds - -#commit_delay = 0 # range 0-100000, in microseconds -#commit_siblings = 5 # range 1-1000 - -# - Checkpoints - - -#checkpoint_segments = 3 # in logfile segments, min 1, 16MB each -#checkpoint_timeout = 5min # range 30s-1h -#checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 - 1.0 -#checkpoint_warning = 30s # 0 disables - -# - Archiving - - -#archive_mode = off # allows archiving to be done - # (change requires restart) -#archive_command = '' # command to use to archive a logfile segment -#archive_timeout = 0 # force a logfile segment switch after this - # number of seconds; 0 disables - - -#------------------------------------------------------------------------------ -# QUERY TUNING -#------------------------------------------------------------------------------ - -# - Planner Method Configuration - - -#enable_bitmapscan = on -#enable_hashagg = on -#enable_hashjoin = on -#enable_indexscan = on -#enable_mergejoin = on -#enable_nestloop = on -#enable_seqscan = on -#enable_sort = on -#enable_tidscan = on - -# - Planner Cost Constants - - -#seq_page_cost = 1.0 # measured on an arbitrary scale -#random_page_cost = 4.0 # same scale as above -#cpu_tuple_cost = 0.01 # same scale as above -#cpu_index_tuple_cost = 0.005 # same scale as above -#cpu_operator_cost = 0.0025 # same scale as above -#effective_cache_size = 128MB - -# - Genetic Query Optimizer - - -#geqo = on -#geqo_threshold = 12 -#geqo_effort = 5 # range 1-10 -#geqo_pool_size = 0 # selects default based on effort -#geqo_generations = 0 # selects default based on effort -#geqo_selection_bias = 2.0 # range 1.5-2.0 - -# - Other Planner Options - - -#default_statistics_target = 100 # range 1-10000 -#constraint_exclusion = partition # on, off, or partition -#cursor_tuple_fraction = 0.1 # range 0.0-1.0 -#from_collapse_limit = 8 -#join_collapse_limit = 8 # 1 disables collapsing of explicit - # JOIN clauses - - -#------------------------------------------------------------------------------ -# ERROR REPORTING AND LOGGING -#------------------------------------------------------------------------------ - -# - Where to Log - - -#log_destination = 'stderr' # Valid values are combinations of - # stderr, csvlog, syslog and eventlog, - # depending on platform. csvlog - # requires logging_collector to be on. - -# This is used when logging to stderr: -logging_collector = on # Enable capturing of stderr and csvlog - # into log files. Required to be on for - # csvlogs. - # (change requires restart) - -# These are only used if logging_collector is on: -log_directory = 'pg_log' # directory where log files are written, - # can be absolute or relative to PGDATA -log_filename = 'postgresql-%a.log' # log file name pattern, - # can include strftime() escapes -log_truncate_on_rotation = on # If on, an existing log file of the - # same name as the new log file will be - # truncated rather than appended to. - # But such truncation only occurs on - # time-driven rotation, not on restarts - # or size-driven rotation. Default is - # off, meaning append to existing files - # in all cases. -log_rotation_age = 1d # Automatic rotation of logfiles will - # happen after that time. 0 disables. -log_rotation_size = 0 # Automatic rotation of logfiles will - # happen after that much log output. - # 0 disables. - -# These are relevant when logging to syslog: -#syslog_facility = 'LOCAL0' -#syslog_ident = 'postgres' - -#silent_mode = off # Run server silently. - # DO NOT USE without syslog or - # logging_collector - # (change requires restart) - - -# - When to Log - - -#client_min_messages = notice # values in order of decreasing detail: - # debug5 - # debug4 - # debug3 - # debug2 - # debug1 - # log - # notice - # warning - # error - -#log_min_messages = warning # values in order of decreasing detail: - # debug5 - # debug4 - # debug3 - # debug2 - # debug1 - # info - # notice - # warning - # error - # log - # fatal - # panic - -#log_error_verbosity = default # terse, default, or verbose messages - -#log_min_error_statement = error # values in order of decreasing detail: - # debug5 - # debug4 - # debug3 - # debug2 - # debug1 - # info - # notice - # warning - # error - # log - # fatal - # panic (effectively off) - -#log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements - # and their durations, > 0 logs only - # statements running at least this number - # of milliseconds - - -# - What to Log - - -#debug_print_parse = off -#debug_print_rewritten = off -#debug_print_plan = off -#debug_pretty_print = on -#log_checkpoints = off -#log_connections = off -#log_disconnections = off -#log_duration = off -#log_hostname = off -#log_line_prefix = '' # special values: - # %u = user name - # %d = database name - # %r = remote host and port - # %h = remote host - # %p = process ID - # %t = timestamp without milliseconds - # %m = timestamp with milliseconds - # %i = command tag - # %c = session ID - # %l = session line number - # %s = session start timestamp - # %v = virtual transaction ID - # %x = transaction ID (0 if none) - # %q = stop here in non-session - # processes - # %% = '%' - # e.g. '<%u%%%d> ' -#log_lock_waits = off # log lock waits >= deadlock_timeout -#log_statement = 'none' # none, ddl, mod, all -#log_temp_files = -1 # log temporary files equal or larger - # than the specified size in kilobytes; - # -1 disables, 0 logs all temp files -#log_timezone = unknown # actually, defaults to TZ environment - # setting - - -#------------------------------------------------------------------------------ -# RUNTIME STATISTICS -#------------------------------------------------------------------------------ - -# - Query/Index Statistics Collector - - -#track_activities = on -#track_counts = on -#track_functions = none # none, pl, all -#track_activity_query_size = 1024 -#update_process_title = on -#stats_temp_directory = 'pg_stat_tmp' - - -# - Statistics Monitoring - - -#log_parser_stats = off -#log_planner_stats = off -#log_executor_stats = off -#log_statement_stats = off - - -#------------------------------------------------------------------------------ -# AUTOVACUUM PARAMETERS -#------------------------------------------------------------------------------ - -#autovacuum = on # Enable autovacuum subprocess? 'on' - # requires track_counts to also be on. -#log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and - # their durations, > 0 logs only - # actions running at least this number - # of milliseconds. -#autovacuum_max_workers = 3 # max number of autovacuum subprocesses -#autovacuum_naptime = 1min # time between autovacuum runs -#autovacuum_vacuum_threshold = 50 # min number of row updates before - # vacuum -#autovacuum_analyze_threshold = 50 # min number of row updates before - # analyze -#autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum -#autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze -#autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum - # (change requires restart) -#autovacuum_vacuum_cost_delay = 20ms # default vacuum cost delay for - # autovacuum, in milliseconds; - # -1 means use vacuum_cost_delay -#autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for - # autovacuum, -1 means use - # vacuum_cost_limit - - -#------------------------------------------------------------------------------ -# CLIENT CONNECTION DEFAULTS -#------------------------------------------------------------------------------ - -# - Statement Behavior - - -#search_path = '"$user",public' # schema names -#default_tablespace = '' # a tablespace name, '' uses the default -#temp_tablespaces = '' # a list of tablespace names, '' uses - # only default tablespace -#check_function_bodies = on -#default_transaction_isolation = 'read committed' -#default_transaction_read_only = off -#session_replication_role = 'origin' -#statement_timeout = 0 # in milliseconds, 0 is disabled -#vacuum_freeze_min_age = 50000000 -#vacuum_freeze_table_age = 150000000 -#xmlbinary = 'base64' -#xmloption = 'content' - -# - Locale and Formatting - - -datestyle = 'iso, mdy' -#intervalstyle = 'postgres' -#timezone = unknown # actually, defaults to TZ environment - # setting -#timezone_abbreviations = 'Default' # Select the set of available time zone - # abbreviations. Currently, there are - # Default - # Australia - # India - # You can create your own file in - # share/timezonesets/. -#extra_float_digits = 0 # min -15, max 2 -#client_encoding = sql_ascii # actually, defaults to database - # encoding - -# These settings are initialized by initdb, but they can be changed. -lc_messages = 'en_US.UTF-8' # locale for system error message - # strings -lc_monetary = 'en_US.UTF-8' # locale for monetary formatting -lc_numeric = 'en_US.UTF-8' # locale for number formatting -lc_time = 'en_US.UTF-8' # locale for time formatting - -# default configuration for text search -default_text_search_config = 'pg_catalog.english' - -# - Other Defaults - - -#dynamic_library_path = '$libdir' -#local_preload_libraries = '' - - -#------------------------------------------------------------------------------ -# LOCK MANAGEMENT -#------------------------------------------------------------------------------ - -#deadlock_timeout = 1s -#max_locks_per_transaction = 64 # min 10 - # (change requires restart) -# Note: Each lock table slot uses ~270 bytes of shared memory, and there are -# max_locks_per_transaction * (max_connections + max_prepared_transactions) -# lock table slots. - - -#------------------------------------------------------------------------------ -# VERSION/PLATFORM COMPATIBILITY -#------------------------------------------------------------------------------ - -# - Previous PostgreSQL Versions - - -#add_missing_from = off -#array_nulls = on -#backslash_quote = safe_encoding # on, off, or safe_encoding -#default_with_oids = off -#escape_string_warning = on -#regex_flavor = advanced # advanced, extended, or basic -#sql_inheritance = on -#standard_conforming_strings = off -#synchronize_seqscans = on - -# - Other Platforms and Clients - - -#transform_null_equals = off - - -#------------------------------------------------------------------------------ -# CUSTOMIZED OPTIONS -#------------------------------------------------------------------------------ - -#custom_variable_classes = '' # list of custom variable class names - -ssl = on diff --git a/recipes/aeolus_recipe/files/qpidd.conf b/recipes/aeolus_recipe/files/qpidd.conf deleted file mode 100644 index da050c0..0000000 --- a/recipes/aeolus_recipe/files/qpidd.conf +++ /dev/null @@ -1,25 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# -# Configuration file for qpidd. Entries are of the form: -# name=value -# -# (Note: no spaces on either side of '='). Using default settings: -# "qpidd --help" or "man qpidd" for more details. -cluster-mechanism=ANONYMOUS -auth=no diff --git a/recipes/aeolus_recipe/files/solr.conf b/recipes/aeolus_recipe/files/solr.conf deleted file mode 100644 index 3830292..0000000 --- a/recipes/aeolus_recipe/files/solr.conf +++ /dev/null @@ -1,3 +0,0 @@ -#Provide a spot for overrides -#RAILS_ENV=production - diff --git a/recipes/aeolus_recipe/files/solr.init b/recipes/aeolus_recipe/files/solr.init deleted file mode 100644 index f6bdb3c..0000000 --- a/recipes/aeolus_recipe/files/solr.init +++ /dev/null @@ -1,75 +0,0 @@ -#!/bin/bash -# -# -# solr startup script for solr server -# -# chkconfig: - 40 60 -# description: solr is primary server process for the \ -# solr component. -# - -[ -r /etc/sysconfig/solr ] && . /etc/sysconfig/solr - -LOCKFILE="${LOCKFILE:-/var/lock/subsys/solr}" -RAILS_ENV="${RAILS_ENV:-production}" -PIDFILE=/usr/share/aeolus-conductor/tmp/pids/sunspot-solr-$RAILS_ENV.pid -PROG=/usr/bin/rake - -. /etc/init.d/functions - -start() { - echo -n "Starting solr: " - - cd /usr/share/aeolus-conductor; RAILS_ENV=$RAILS_ENV daemon --pidfile=$PIDFILE $PROG sunspot:solr:start - RETVAL=$? - if [ $RETVAL -eq 0 ] && touch $LOCKFILE ; then - echo_success - echo - else - echo_failure - echo - fi -} - -stop() { - echo -n "Shutting down solr: " - RETVAL=$? - cd /usr/share/aeolus-conductor; RAILS_ENV=$RAILS_ENV $PROG sunspot:solr:stop - - if [ $RETVAL -eq 0 ] && rm -f $LOCKFILE ; then - echo_success - echo - else - echo_failure - echo - fi -} - -case "$1" in - start) - start - ;; - stop) - stop - ;; - restart) - stop - start - ;; - reload) - ;; - force-reload) - restart - ;; - status) - status -p $PIDFILE $PROG - RETVAL=$? - ;; - *) - echo "Usage: solr {start|stop|restart|status}" - exit 1 - ;; -esac - -exit $RETVAL - diff --git a/recipes/aeolus_recipe/lib/puppet/provider/web_request/curl.rb b/recipes/aeolus_recipe/lib/puppet/provider/web_request/curl.rb deleted file mode 100644 index 925b865..0000000 --- a/recipes/aeolus_recipe/lib/puppet/provider/web_request/curl.rb +++ /dev/null @@ -1,128 +0,0 @@ -require 'curb' -require 'uuid' -require 'fileutils' - -# Helper to invoke the web request w/ curl -def web_request(method, uri, request_params, params = {}) - raise Puppet::Error, "Must specify http method and uri" if method.nil? || uri.nil? - - curl = Curl::Easy.new - - if params.has_key?(:cookie) - curl.enable_cookies = true - curl.cookiefile = params[:cookie] - curl.cookiejar = params[:cookie] - end - - curl.follow_location = (params.has_key?(:follow) && params[:follow]) - - case(method) - when 'get' - url = uri - url += ";" + request_params.collect { |k,v| "#{k}=#{v}" }.join("&") unless request_params.nil? - curl.url = url - curl.http_get - return curl - - when 'post' - cparams = [] - request_params.each_pair { |k,v| cparams << Curl::PostField.content(k,v) } unless request_params.nil? - curl.url = uri - curl.http_post(cparams) - return curl - - #when 'put' - #when 'delete' - end -end - -# Helper to verify the response -def verify_result(result, verify = {}) - returns = (verify.has_key?(:returns) && !verify[:returns].nil?) ? verify[:returns] : "200" - returns = [returns] unless returns.is_a? Array - unless returns.include?(result.response_code.to_s) - raise Puppet::Error, "Invalid HTTP Return Code: #{result.response_code}, - was expecting one of #{returns.join(", ")}" - end - - if verify.has_key?(:body) && !verify[:body].nil? && !(result.body_str =~ Regexp.new(verify[:body])) - raise Puppet::Error, "Expecting #{verify[:body]} in the result" - end -end - -# Helper to process/parse web parameters -def process_params(request_method, params, uri) - begin - # Set request method and generate a unique session key - session = "/tmp/#{UUID.new.generate}" - - # Invoke a login request if necessary - if params[:login] - login_params = params[:login].reject { |k,v| ['http_method', 'uri'].include?(k) } - web_request(params[:login]['http_method'], params[:login]['uri'], - login_params, :cookie => session, :follow => params[:follow]).close - end - - # Check to see if we should actually run the request - skip_request = !params[:unless].nil? - if params[:unless] - result = web_request(params[:unless]['http_method'], params[:unless]['uri'], - params[:unless]['parameters'], - :cookie => session, :follow => params[:follow]) - begin - verify_result(result, - :returns => params[:unless]['returns'], - :body => params[:unless]['verify']) - rescue Puppet::Error => e - skip_request = false - end - result.close - end - return if skip_request - - # Actually run the request and verify the result - uri = params[:name] if uri.nil? - result = web_request(request_method, uri, params[:parameters], - :cookie => session, :follow => params[:follow]) - verify_result(result, - :returns => params[:returns], - :body => params[:verify]) - result.close - - # Invoke a logout request if necessary - if params[:logout] - logout_params = params[:login].reject { |k,v| ['http_method', 'uri'].include?(k) } - web_request(params[:logout]['http_method'], params[:logout]['uri'], - logout_params, :cookie => session, :follow => params[:follow]).close - end - - rescue Exception => e - raise Puppet::Error, "An exception was raised when invoking web request: #{e}" - - ensure - FileUtils.rm_f(session) if params[:logout] - end -end - -# Puppet provider definition -Puppet::Type.type(:web_request).provide :curl do - desc "Use curl to access web resources" - - def get - @uri - end - - def post - @uri - end - - def get=(uri) - @uri = uri - process_params('get', @resource, uri) - end - - def post=(uri) - @uri = uri - process_params('post', @resource, uri) - end -end diff --git a/recipes/aeolus_recipe/lib/puppet/type/web_request.rb b/recipes/aeolus_recipe/lib/puppet/type/web_request.rb deleted file mode 100644 index 5225633..0000000 --- a/recipes/aeolus_recipe/lib/puppet/type/web_request.rb +++ /dev/null @@ -1,49 +0,0 @@ -Puppet::Type.newtype(:web_request) do - @doc = "Issue a request via the world wide web" - - newparam :name - - newproperty(:get) do - desc "Issue get request to the specified uri" - # TODO valid value to be a uri - end - - newproperty(:post) do - desc "Issue get request to the specified uri" - # TODO valid value to be a uri - end - - #newproperty(:delete) - #newproperty(:put) - - newparam(:parameters) do - desc "Hash of parameters to include in the web request" - end - - newparam(:returns) do - desc "Expected http return codes of the request" - defaultto "200" - # TODO validate value(s) is among possible valid http return codes - end - - newparam(:follow) do - desc "Boolean indicating if redirects should be followed" - newvalues(:true, :false) - end - - newparam(:verify) do - desc "String to verify as being part of the result" - end - - newparam(:login) do - desc "Login parameters to be used if a login is required before making the request" - end - - newparam(:logout) do - desc "Logout parameters to be used if a logout is requred after making the request" - end - - newparam(:unless) do - desc "Do not run request if the request specified here succeeds" - end -end diff --git a/recipes/aeolus_recipe/manifests/aeolus.pp b/recipes/aeolus_recipe/manifests/aeolus.pp deleted file mode 100644 index a399771..0000000 --- a/recipes/aeolus_recipe/manifests/aeolus.pp +++ /dev/null @@ -1,64 +0,0 @@ -# Aeolus puppet definitions - -import "postgres" -import "apache" -import "rails" -import "selinux" -import "ntp" - -import "conductor" -import "deltacloud" -import "iwhd" -import "image-factory" - -if $aeolus_enable_https == "true" or $aeolus_enable_https == "1" { - import "openssl" - $enable_https = true -} else { - $enable_https = false -} - -if $aeolus_enable_security == "true" or $aeolus_enable_security == "1" { - import "openssl" - $enable_security = true -} else { - $enable_security = false -} - - -# Base aeolus class -class aeolus { - package{'curl': ensure => 'installed'} - - # Setup repos which to pull aeolus components - # TODO: Don't hardcode these repos to RHEL-6 - # The issue is that $releasever resolves to something like 6Server - # so we either need to have a repo per RHEL variant, or we need - # to have smarter logic here - $base_url_release = $operatingsystem ? { 'fedora' => "fedora-$releasever", - 'redhat' => 'rhel-6' } - $pulp_base_url_release = $operatingsystem ? { 'fedora' => "fedora-13", - 'redhat' => 'rhel5' } - - yumrepo{"${name}_arch": - name => "${name}_arch", - descr => "${name}_arch", - baseurl => "http://repos.fedorapeople.org/repos/aeolus/packages/$%7Bbase_url_release%7D/...", - enabled => 0, gpgcheck => 0} - yumrepo{"${name}_noarch": - name => "${name}_noarch", - descr => "${name}_noarch", - baseurl => "http://repos.fedorapeople.org/repos/aeolus/packages/$%7Bbase_url_release%7D/...", - enabled => 0, gpgcheck => 0} - -} - -# Create a new provider in aeolus -define aeolus::provider($type, $port, $endpoint=""){ - aeolus::deltacloud{$name: provider_type => $type, endpoint => $endpoint, port => $port} - aeolus::conductor::provider{$name: - type => $type, - url => "http://localhost:$%7Bport%7D/api", - require => Aeolus::Deltacloud[$name] } -} - diff --git a/recipes/aeolus_recipe/manifests/conductor.pp b/recipes/aeolus_recipe/manifests/conductor.pp deleted file mode 100644 index ebe703f..0000000 --- a/recipes/aeolus_recipe/manifests/conductor.pp +++ /dev/null @@ -1,308 +0,0 @@ -# Aeolus conductor puppet definitions - -class aeolus::conductor inherits aeolus { - ### Install the aeolus components - # specific versions of these two packages are needed and we need to pull the third in - package {['aeolus-conductor', - 'aeolus-conductor-daemons']: - ensure => 'installed'} - - # to be renamed to aeolus-connector - package {'rubygem-image_factory_connector': - ensure => 'installed'} - - file {"/var/lib/aeolus-conductor": - ensure => directory } - - ### Setup selinux for deltacloud - selinux::mode{"permissive":} - - ### Start the aeolus services - file {"/var/lib/condor/condor_config.local": - source => "puppet:///modules/aeolus_recipe/condor_config.local", - require => Package['aeolus-conductor-daemons'] } - # condor requires an explicit non-localhost hostname - # TODO we can also kill the configure sequence here instead - exec{"/bin/echo 'hostname/domain should be explicitly set and should not be localhost.localdomain'": - logoutput => true, - onlyif => "/usr/bin/test `/bin/hostname` = 'localhost.localdomain'" - } - service { ['condor']: - ensure => 'running', - enable => true, - hasstatus => true, - require => File['/var/lib/condor/condor_config.local'] } - service { ['aeolus-conductor', - 'conductor-warehouse_sync', - 'conductor-dbomatic', - 'conductor-delayed_job']: - ensure => 'running', - enable => true, - hasstatus => true, - require => [Package['aeolus-conductor-daemons'], - Rails::Migrate::Db[migrate_aeolus_database], - Service['condor', 'httpd']] } - - service{ 'aeolus-connector': - ensure => 'running', - enable => true, - hasstatus => true, - require => [Package['rubygem-image_factory_connector'], - Service[qpidd]]} - - ### Initialize and start the aeolus database - # Right now we configure and start postgres, at some point I want - # to make the db that gets setup configurable - include postgres::server - if $enable_security { - openssl::certificate{"/var/lib/pgsql/data/server": - user => 'postgres', - group => 'postgres', - require => Exec["pginitdb"], - notify => Service['postgresql']} - # since we're self signing for now, use the same certificate for the root - file { "/var/lib/pgsql/data/root.crt": - require => Openssl::Certificate["/var/lib/pgsql/data/server"], - source => "/var/lib/pgsql/data/server.crt", - owner => 'postgres', - group => 'postgres', - notify => Service['postgresql'] } - file { "/var/lib/pgsql/data/pg_hba.conf": - source => "puppet:///modules/aeolus_recipe/pg_hba-ssl.conf", - require => Exec["pginitdb"], - owner => 'postgres', - group => 'postgres', - notify => Service['postgresql']} - file { "/var/lib/pgsql/data/postgresql.conf": - source => "puppet:///modules/aeolus_recipe/postgresql.conf", - require => Exec["pginitdb"], - owner => 'postgres', - group => 'postgres', - notify => Service['postgresql']} - } else { - file { "/var/lib/pgsql/data/pg_hba.conf": - source => "puppet:///modules/aeolus_recipe/pg_hba.conf", - require => Exec["pginitdb"], - notify => Service['postgresql']} - } - postgres::user{"aeolus": - password => "v23zj59an", - roles => "CREATEDB", - require => [Service["postgresql"], File["/var/lib/pgsql/data/pg_hba.conf"]] } - - - # Create aeolus database - rails::create::db{"create_aeolus_database": - cwd => "/usr/share/aeolus-conductor", - rails_env => "production", - require => [Postgres::User[aeolus], Package['aeolus-conductor']] } - rails::migrate::db{"migrate_aeolus_database": - cwd => "/usr/share/aeolus-conductor", - rails_env => "production", - require => [Rails::Create::Db[create_aeolus_database], Service['solr']]} - rails::seed::db{"seed_aeolus_database": - cwd => "/usr/share/aeolus-conductor", - rails_env => "production", - require => Rails::Migrate::Db[migrate_aeolus_database]} - - ### Prepare the image package repositories - exec{"dc_prepare_repos": - cwd => '/usr/share/aeolus-conductor', - environment => "RAILS_ENV=production", - command => "/usr/bin/rake dc:prepare_repos", - require => Package['aeolus-conductor'] } - - - ### Setup/start solr search service - file{"/etc/init.d/solr": - source => 'puppet:///modules/aeolus_recipe/solr.init', - mode => 755 - } - - file{"/etc/sysconfig/solr": - source => 'puppet:///modules/aeolus_recipe/solr.conf', - mode => 755 - } - # TODO we manually have to install java for solr, we should remove this once this is a dep in the solr rpm - package{"java-1.6.0-openjdk": - ensure => "installed" } - service{"solr": - hasstatus => "false", - pattern => "jetty.port=8983", - ensure => 'running', - enable => 'true', - require => [File['/etc/init.d/solr', '/etc/init.d/solr'], - Package["java-1.6.0-openjdk"], - Package['aeolus-conductor'], - Rails::Create::Db['create_aeolus_database']]} - - exec{"build_solr_index": - cwd => "/usr/share/aeolus-conductor", - command => "/usr/bin/rake sunspot:reindex", - logoutput => true, - environment => "RAILS_ENV=production", - require => Rails::Migrate::Db['migrate_aeolus_database']} - - - ### Setup apache for deltacloud - include apache - if $enable_https { - apache::site{"aeolus-conductor": source => 'puppet:///modules/aeolus_recipe/aggregator-httpd-ssl.conf'} - } else{ - apache::site{"aeolus-conductor": source => 'puppet:///modules/aeolus_recipe/aggregator-httpd.conf'} - } - - ### Setup sshd for deltacloud - package { "openssh-server": ensure => installed } - service{"sshd": - require => Package["openssh-server"], - ensure => 'running', - enable => 'true' } -} - -class aeolus::conductor::seed_data { - aeolus::create_bucket{"aeolus":} - - aeolus::site_admin{"$admin_user": - email => 'dcuser@aeolusproject.org', - password => "$admin_password", - first_name => 'aeolus', - last_name => 'user'} - - aeolus::provider{"mock": - type => 'mock', - port => 3002, - require => Aeolus::Site_admin["admin"] } - - aeolus::provider{"ec2-us-east-1": - type => 'ec2', - endpoint => 'us-east-1', - port => 3003, - require => Aeolus::Site_admin["admin"] } - - aeolus::provider{"ec2-us-west-1": - type => 'ec2', - endpoint => 'us-west-1', - port => 3004, - require => Aeolus::Site_admin["admin"] } - - aeolus::conductor::hwp{"hwp1": - memory => "1", - cpu => "1", - storage => "1", - architecture => "x86_64", - require => Aeolus::Site_admin["admin"] } - -} - -class aeolus::conductor::remove_seed_data { - aeolus::deltacloud::disabled{"mock": } - aeolus::deltacloud::disabled{"ec2-us-east-1": } - aeolus::deltacloud::disabled{"ec2-us-west-1": } -} - -class aeolus::conductor::disabled { - file {"/var/lib/aeolus-conductor": - ensure => absent, - force => true - } - - ### Stop the aeolus services - service { ['condor', 'httpd']: - ensure => 'stopped', - enable => false, - require => Service['aeolus-conductor', - 'conductor-warehouse_sync', - 'conductor-dbomatic', - 'conductor-delayed_job'] } - service { ['aeolus-conductor', - 'conductor-warehouse_sync', - 'conductor-dbomatic', - 'conductor-delayed_job', - 'aeolus-connector']: - ensure => 'stopped', - enable => false, - hasstatus => true } - - ### Destroy the aeolus database - rails::drop::db{"drop_aeolus_database": - cwd => "/usr/share/aeolus-conductor", - rails_env => "production", - require => Service["aeolus-conductor", - 'conductor-warehouse_sync', - "conductor-dbomatic", - "conductor-delayed_job"]} - postgres::user{"aeolus": - ensure => 'dropped', - require => Rails::Drop::Db["drop_aeolus_database"]} - - ### stop solr search service - service{"solr": - hasstatus => false, - stop => "cd /usr/share/aeolus-conductor;RAILS_ENV=production /usr/bin/rake sunspot:solr:stop", - pattern => "solr", - ensure => 'stopped', - require => Service['aeolus-conductor']} -} - -# Create a new site admin conductor web user -define aeolus::site_admin($email="", $password="", $first_name="", $last_name=""){ - exec{"create_site_admin_user": - cwd => '/usr/share/aeolus-conductor', - environment => "RAILS_ENV=production", - command => "/usr/bin/rake dc:create_user[${name}] email=${email} password=${password} first_name=${first_name} last_name=${last_name}", - logoutput => true, - unless => "/usr/bin/test `psql conductor aeolus -P tuples_only -c "select count(*) from users where login = '${name}';"` = "1"", - require => Rails::Seed::Db["seed_aeolus_database"]} - exec{"grant_site_admin_privs": - cwd => '/usr/share/aeolus-conductor', - environment => "RAILS_ENV=production", - command => "/usr/bin/rake dc:site_admin[${name}]", - logoutput => true, - unless => "/usr/bin/test `psql conductor aeolus -P tuples_only -c "select count(*) FROM roles INNER JOIN permissions ON (roles.id = permissions.role_id) INNER JOIN users ON (permissions.user_id = users.id) where roles.name = 'Administrator' AND users.login = '${name}';"` = "1"", - require => Exec[create_site_admin_user]} -} - -# Create a new provider via the conductor -define aeolus::conductor::provider($type="",$url=""){ - web_request{ "provider-$name": - post => "https://localhost/conductor/providers", - parameters => { 'provider[name]' => $name, 'provider[url]' => $url, - 'provider[provider_type_codename]' => $type }, - returns => '200', - verify => '.*Provider added.*', - follow => true, - unless => { 'http_method' => 'get', - 'uri' => 'https://localhost/conductor/providers', - 'verify' => ".*$name.*" }, - require => Service['aeolus-conductor'] - } -} - -define aeolus::conductor::hwp($memory='', $cpu='', $storage='', $architecture=''){ - web_request{ "hwp-$name": - post => "https://localhost/conductor/hardware_profiles", - parameters => {'hardware_profile[name]' => $name, - 'hardware_profile[memory_attributes][value]' => $memory, - 'hardware_profile[cpu_attributes][value]' => $cpu, - 'hardware_profile[storage_attributes][value]' => $storage, - 'hardware_profile[architecture_attributes][value]' => $architecture, - 'hardware_profile[memory_attributes][name]' => 'memory', - 'hardware_profile[memory_attributes][unit]' => 'MB', - 'hardware_profile[cpu_attributes][name]' => 'cpu', - 'hardware_profile[cpu_attributes][unit]' => 'count', - 'hardware_profile[storage_attributes][name]' => 'storage', - 'hardware_profile[storage_attributes][unit]' => 'GB', - 'hardware_profile[architecture_attributes][name]' => 'architecture', - 'hardware_profile[architecture_attributes][unit]' => 'label', - 'commit' => 'Save'}, - returns => '200', - #verify => '.*Hardware profile added.*', - follow => true, - unless => { 'http_method' => 'get', - 'uri' => 'https://localhost/conductor/hardware_profiles', - 'verify' => ".*$name.*" }, - require => Service['aeolus-conductor'] - } -} - diff --git a/recipes/aeolus_recipe/manifests/defaults.pp b/recipes/aeolus_recipe/manifests/defaults.pp deleted file mode 100644 index f2fc891..0000000 --- a/recipes/aeolus_recipe/manifests/defaults.pp +++ /dev/null @@ -1,23 +0,0 @@ -#Set up some defaults - -#Use rpm because it will fail because we don't provide source. -#This is an easy mechanism to have puppet fail when packages -#aren't installed, but also an easy way to tune it back to -#the behavior of installing packages that are missing by -#switching back to yum - -Package {provider => 'rpm'} - -$admin_user='admin' -$admin_password='password' - -# Setup the default login/logout targets for web requests -Web_request{ - login => { 'http_method' => 'post', - 'uri' => 'https://localhost/conductor/user_session', - 'user_session[login]' => "$admin_user", - 'user_session[password]' => "$admin_password", - 'commit' => 'submit' }, - logout => { 'http_method' => 'post', - 'uri' => 'https://localhost/conductor/logout' } -} diff --git a/recipes/aeolus_recipe/manifests/deltacloud.pp b/recipes/aeolus_recipe/manifests/deltacloud.pp deleted file mode 100644 index 2b44020..0000000 --- a/recipes/aeolus_recipe/manifests/deltacloud.pp +++ /dev/null @@ -1,53 +0,0 @@ -# Aeolus deltacloud puppet definitions - -class aeolus::deltacloud::core { - ### Install the aeolus components - include aeolus - - package { 'deltacloud-core': - ensure => 'installed', require => Yumrepo['aeolus_arch', 'aeolus_noarch']} -} - -class aeolus::deltacloud::ec2 { - ### Install the driver-specific components - # install ec2 support, - package { "rubygem-aws": - ensure => 'installed' } -} - - -# install the deltacloud component w/ the specified driver -define aeolus::deltacloud($provider_type="", $endpoint='', $port="3002") { - include aeolus::deltacloud::core - - if $provider_type == "ec2" { - include aeolus::deltacloud::ec2 - } - - ### we need to sync time to communicate w/ cloud providers - include ntp::client - - ### Start the aeolus services - file { "/var/log/deltacloud-${name}": ensure => 'directory' } - file {"/etc/init.d/deltacloud-${name}": - content => template("aeolus_recipe/deltacloud-core"), - mode => 755 } - service { "deltacloud-${name}": - ensure => 'running', - enable => true, - require => [Package['deltacloud-core'], - Package['rubygem-aws'], - File["/etc/init.d/deltacloud-${name}", "/var/log/deltacloud-${name}"]] } -} - -define aeolus::deltacloud::disabled() { - ### Stop the aeolus services - service { "deltacloud-${name}": - ensure => 'stopped', - enable => false, - hasstatus => true} - file {"/etc/init.d/deltacloud-${name}": - ensure => absent, - require => Service["deltacloud-${name}"]} -} - diff --git a/recipes/aeolus_recipe/manifests/image-factory.pp b/recipes/aeolus_recipe/manifests/image-factory.pp deleted file mode 100644 index f28c7cf..0000000 --- a/recipes/aeolus_recipe/manifests/image-factory.pp +++ /dev/null @@ -1,64 +0,0 @@ -# Aeolus image factory puppet definitions - -class aeolus::image-factory inherits aeolus { - - package { 'libvirt': - ensure=> 'installed' - } - package { 'imagefactory': - ensure => 'installed', - require => [Yumrepo['aeolus_arch', 'aeolus_noarch']] - } - package { 'qpid-cpp-server': - ensure => 'installed' } - - ### Configure pulp to fetch from Fedora - # TODO uncomment when factory/warehouse uses pulp - #exec{"pulp_fedora_config": - # command => "/usr/bin/pulp-admin -u admin -p admin repo create --id=fedora-repo --feed yum:http://download.fedora.redhat.com/pub/fedora/linux/updates/13/x86_64/" - #} - - ### Start the aeolus services - file { "/etc/qpidd.conf": - source => "puppet:///modules/aeolus_recipe/qpidd.conf", - mode => 644 } - service {'qpidd': - ensure => 'running', - enable => true, - require => [File['/etc/qpidd.conf'], - Package['qpid-cpp-server']]} - file { "/var/tmp/imagefactory-mock": - ensure => "directory", - mode => 755 } - service {'libvirtd': - ensure => 'running', - enable => true, - hasstatus => true, - require => Package['libvirt']} - $requires = [Package['imagefactory'], - File['/var/tmp/imagefactory-mock'], - Service[qpidd], Service[libvirtd], - Rails::Seed::Db[seed_aeolus_database]] - service { 'imagefactory': - ensure => 'running', - enable => true, - hasstatus => true, - require => $requires} -} - -class aeolus::image-factory::disabled { - ### Stop the aeolus services - service {'qpidd': - ensure => 'stopped', - enable => false, - require => Service['imagefactory']} - - service { 'imagefactory': - ensure => 'stopped', - hasstatus => true, - enable => false} - - ### Destroy and cleanup aeolus artifacts - exec{"remove_aeolus_templates": command => "/bin/rm -rf /templates"} -} - diff --git a/recipes/aeolus_recipe/manifests/init.pp b/recipes/aeolus_recipe/manifests/init.pp deleted file mode 100644 index e3e601c..0000000 --- a/recipes/aeolus_recipe/manifests/init.pp +++ /dev/null @@ -1,63 +0,0 @@ -# Aeolus puppet definitions - -import "postgres" -import "apache" -import "rails" -import "selinux" -import "ntp" - -import "conductor" -import "deltacloud" -import "iwhd" -import "image-factory" - -if $aeolus_enable_https == "true" or $aeolus_enable_https == "1" { - import "openssl" - $enable_https = true -} else { - $enable_https = false -} - -if $aeolus_enable_security == "true" or $aeolus_enable_security == "1" { - import "openssl" - $enable_security = true -} else { - $enable_security = false -} - - -# Base aeolus class -class aeolus { - package{'curl': ensure => 'installed'} - - # Setup repos which to pull aeolus components - # TODO: Don't hardcode these repos to RHEL-6 - # The issue is that $releasever resolves to something like 6Server - # so we either need to have a repo per RHEL variant, or we need - # to have smarter logic here - $base_url_release = $operatingsystem ? { 'fedora' => "fedora-$releasever", - 'redhat' => 'rhel-6' } - $pulp_base_url_release = $operatingsystem ? { 'fedora' => "fedora-13", - 'redhat' => 'rhel5' } - - yumrepo{"${name}_arch": - name => "${name}_arch", - descr => "${name}_arch", - baseurl => "http://repos.fedorapeople.org/repos/aeolus/packages/$%7Bbase_url_release%7D/...", - enabled => 0, gpgcheck => 0} - yumrepo{"${name}_noarch": - name => "${name}_noarch", - descr => "${name}_noarch", - baseurl => "http://repos.fedorapeople.org/repos/aeolus/packages/$%7Bbase_url_release%7D/...", - enabled => 0, gpgcheck => 0} - -} - -# Create a new provider in aeolus -define aeolus::provider($type, $port, $endpoint=""){ - aeolus::deltacloud{$name: provider_type => $type, endpoint => $endpoint, port => $port} - aeolus::conductor::provider{$name: - type => $type, - url => "http://localhost:$%7Bport%7D/api", - require => Aeolus::Deltacloud[$name] } -} diff --git a/recipes/aeolus_recipe/manifests/iwhd.pp b/recipes/aeolus_recipe/manifests/iwhd.pp deleted file mode 100644 index d012258..0000000 --- a/recipes/aeolus_recipe/manifests/iwhd.pp +++ /dev/null @@ -1,57 +0,0 @@ -# aeolus iwhd puppet definitions - -class aeolus::iwhd inherits aeolus { - ### Install the deltacloud components - package { 'iwhd': - ensure => 'installed', - require => Yumrepo['aeolus_arch', 'aeolus_noarch'] } - - package { 'mongodb-server': - ensure => 'installed' } - - ### Start the aeolus services - file { "/data": ensure => 'directory' } - file { "/data/db": ensure => 'directory' } - file { "/etc/iwhd": ensure => 'directory'} - - service { 'mongod': - ensure => 'running', - enable => true, - require => [Package['mongodb-server'], File["/data/db"]]} - - service { 'iwhd': - ensure => 'running', - enable => true, - hasstatus => true, - require => [Package['iwhd'], - Service[mongod]]} - - # XXX ugly hack but iwhd might take some time to come up - exec{"iwhd_startup_pause": - command => "/bin/sleep 2", - unless => '/usr/bin/curl http://localhost:9090', - logoutput => true, - require => Service['iwhd']} -} - -class aeolus::iwhd::disabled { - ### Stop the aeolus services - service { 'mongod': - ensure => 'stopped', - enable => false, - require => Service[iwhd]} - - service { 'iwhd': - ensure => 'stopped', - enable => false, - hasstatus => true} -} - -# Create a named bucket in iwhd -define aeolus::create_bucket(){ - exec{"create-bucket-${name}": - command => "/usr/bin/curl -X PUT http://localhost:9090/templates", - logoutput => true, - require => [Exec['iwhd_startup_pause'], Package[curl]] } -} - diff --git a/recipes/aeolus_recipe/manifests/rails.pp b/recipes/aeolus_recipe/manifests/rails.pp deleted file mode 100644 index 5586a8d..0000000 --- a/recipes/aeolus_recipe/manifests/rails.pp +++ /dev/null @@ -1,43 +0,0 @@ -# Some convenience routines for rails - -define rails::create::db($cwd="", $rails_env=""){ - exec{"create_rails_database": - cwd => $cwd, - environment => "RAILS_ENV=${rails_env}", - logoutput => true, - command => "/usr/bin/rake db:create"} - -} - -define rails::migrate::db($cwd="", $rails_env=""){ - exec{"migrate_rails_database": - cwd => $cwd, - environment => "RAILS_ENV=${rails_env}", - command => "/usr/bin/rake db:migrate"} -} - -define rails::seed::db($cwd="", $rails_env=""){ - exec{"seed_rails_database": - cwd => $cwd, - environment => "RAILS_ENV=${rails_env}", - command => "/usr/bin/rake db:seed", - logoutput => true, - creates => "/var/lib/aeolus-conductor/${rails_env}.seed" - } - - file{"/var/lib/aeolus-conductor/${rails_env}.seed": - ensure => present, - recurse => true, - require => [Exec['seed_rails_database'], File['/var/lib/aeolus-conductor']] - } -} - -define rails::drop::db($cwd="", $rails_env=""){ - exec{"drop_rails_database": - cwd => $cwd, - onlyif => "/usr/bin/test -f ${cwd}/Rakefile", - environment => "RAILS_ENV=${rails_env}", - logoutput => true, - command => "/usr/bin/rake db:drop"} -} - diff --git a/recipes/aeolus_recipe/manifests/selinux.pp b/recipes/aeolus_recipe/manifests/selinux.pp deleted file mode 100644 index 0424c36..0000000 --- a/recipes/aeolus_recipe/manifests/selinux.pp +++ /dev/null @@ -1,13 +0,0 @@ -# Some convenience routines for selinux - -define selinux::mode(){ - $mode = $name ? { - 'permissive' => '0', - 'enforcing' => '1' - } - exec{"set_selinux_${name}": - command => "/usr/sbin/setenforce ${mode}", - unless => "/usr/bin/test 'Disabled' = `/usr/sbin/getenforce`" - } -} - diff --git a/recipes/aeolus_recipe/templates/deltacloud-core b/recipes/aeolus_recipe/templates/deltacloud-core deleted file mode 100644 index 0f52b65..0000000 --- a/recipes/aeolus_recipe/templates/deltacloud-core +++ /dev/null @@ -1,103 +0,0 @@ -#!/bin/bash -# -# -# deltacloud-core startup script for deltacloud-core server -# -# chkconfig: - 97 03 -# description: deltacloud-core is primary server process for the \ -# Deltacloud Core component. -# - -[ -r /etc/sysconfig/deltacloud-<%= name %> ] && . /etc/sysconfig/deltacloud-<%= name %> - -ENV="${ENV:-production}" -DRIVER="${DRIVER:-<%= provider_type %>}" -PORT="${PORT:-<%= port %>}" -LOCKFILE="${LOCKFILE:-/var/lock/subsys/deltacloud-<%= name %> }" -LOGFILE="${LOGFILE:-/var/log/deltacloud-<%= name %>/$DRIVER.log}" -PIDFILE="${THIN_PID:-/var/run/deltacloud-<%= name %>.pid}" -export DELTACLOUD_MOCK_STORAGE=/usr/lib/ruby/gems/1.8/gems/deltacloud-<%= name %>-0.3.0/lib/deltacloud/drivers/mock/data/ - -PROG=/usr/bin/deltacloudd - -STARTTIMEOUT=20 - -. /etc/init.d/functions - -start() { - echo -n "Starting deltacloud-<%= name %>: " - - if [ -f $LOCKFILE ] || [ -f $PIDFILE ] && checkpid `cat $PIDFILE` ; then - echo_success - echo - echo "deltacloud-$DRIVER has already been started" - exit 0 - fi - - $PROG -i $DRIVER -e $ENV -p $PORT <%= "--provider #{endpoint}" unless endpoint == "" %> >> $LOGFILE 2>&1 & - RETVAL=$? - echo $! > $PIDFILE - if [ $RETVAL -eq 0 ] ; then - TIMEOUT="$STARTTIMEOUT" - while [ $TIMEOUT -gt 0 ]; do - /usr/bin/curl --silent http://localhost:$PORT/api >& /dev/null - RETVAL=$? - if [ $RETVAL -eq 0 ] ; then - touch $LOCKFILE - echo_success - echo - exit 0 - fi - sleep 1 - let TIMEOUT=${TIMEOUT}-1 - done - fi - - echo_failure - echo - exit 1 -} - -stop() { - echo -n "Shutting down deltacloud-<%= name %>: " - - # FIXME! we need to do a killproc -p <pidfile> here to ensure other deltacloud - # daemons are not killed as well - killproc -p $PIDFILE deltacloudd - RETVAL=$? - if [ $RETVAL -eq 0 ] && rm -f $LOCKFILE ; then - echo_success - echo - else - echo_failure - echo - fi -} - -case "$1" in - start) - start - ;; - stop) - stop - ;; - restart) - stop - start - ;; - reload) - ;; - force-reload) - restart - ;; - status) - status -p $PIDFILE $PROG - RETVAL=$? - ;; - *) - echo "Usage: deltacloud-<%= name %> {start|stop|restart|status}" - exit 1 - ;; -esac - -exit $RETVAL
On 05/19/2011 06:17 PM, Mo Morsi wrote:
(morazi's patchset merged/reworked)
aeolus configuration can now be specified in yml config files
Rakefile | 2 +- bin/aeolus-cleanup | 5 +- bin/aeolus-configure | 3 +- bin/aeolus-node | 9 +++ contrib/aeolus-configure.spec | 14 ++++-- recipes/aeolus_recipe/aeolus_recipe.pp | 70 -------------------------- recipes/aeolus_recipe/aeolus_uninstall.pp | 38 -------------- recipes/aeolus_recipe/manifests/conductor.pp | 41 +++++++++++++++ recipes/aeolus_recipe/manifests/init.pp | 63 +++++++++++++++++++++++ recipes/apache/manifests/init.pp | 6 +- 10 files changed, 132 insertions(+), 119 deletions(-) create mode 100644 bin/aeolus-node delete mode 100644 recipes/aeolus_recipe/aeolus_recipe.pp delete mode 100644 recipes/aeolus_recipe/aeolus_uninstall.pp create mode 100644 recipes/aeolus_recipe/manifests/init.pp
diff --git a/Rakefile b/Rakefile index 1104573..647cf65 100644 --- a/Rakefile +++ b/Rakefile @@ -19,7 +19,7 @@ RPM_SPEC = "contrib/aeolus-configure.spec" rpm_task = Rake::RpmTask.new(RPM_SPEC) do |rpm| rpm.need_tar = true
- rpm.package_files.include("bin/*", "recipes/**/*")
- rpm.package_files.include("bin/*", "recipes/**/*", "conf/*") rpm.topdir = "#{RPMBUILD_DIR}" end
diff --git a/bin/aeolus-cleanup b/bin/aeolus-cleanup index 87fb405..a45a277 100644 --- a/bin/aeolus-cleanup +++ b/bin/aeolus-cleanup @@ -2,8 +2,9 @@
export FACTER_AEOLUS_ENABLE_HTTPS=true export FACTER_AEOLUS_ENABLE_SECURITY=false -puppet /usr/share/aeolus-configure/aeolus_uninstall.pp \ ++puppet /usr/share/aeolus-configure/modules/aeolus_recipe/manifests/defaults.pp \ --modulepath=/usr/share/aeolus-configure/modules/ \
--logdest=/var/log/aeolus-configure/aeolus-cleanup.log \
--external_nodes '/usr/sbin/aeolus-node cleanup' --node_terminus exec \
--logdest=/var/log/aeolus-configure/aeolus-configure.log \ --logdest=console
diff --git a/bin/aeolus-configure b/bin/aeolus-configure index 6d87cb1..a4fae56 100644 --- a/bin/aeolus-configure +++ b/bin/aeolus-configure @@ -2,8 +2,9 @@
export FACTER_AEOLUS_ENABLE_HTTPS=true export FACTER_AEOLUS_ENABLE_SECURITY=false -puppet /usr/share/aeolus-configure/aeolus_recipe.pp \ +puppet /usr/share/aeolus-configure/modules/aeolus_recipe/manifests/defaults.pp \ --modulepath=/usr/share/aeolus-configure/modules/ \
--external_nodes '/usr/sbin/aeolus-node configure' --node_terminus exec \ --logdest=/var/log/aeolus-configure/aeolus-configure.log \ --logdest=console
diff --git a/bin/aeolus-node b/bin/aeolus-node new file mode 100644 index 0000000..5b1468a --- /dev/null +++ b/bin/aeolus-node @@ -0,0 +1,9 @@ +#! /bin/sh
+CAT=/bin/cat +NODE_DIR=/etc/aeolus-configure/nodes
+# look for node setting files, or revert to default +[ -f nodes/$2_$1 ]&& NODE=$2_$1 || NODE=default_$1
+$CAT $NODE_DIR/$NODE diff --git a/contrib/aeolus-configure.spec b/contrib/aeolus-configure.spec index 4bfaf6a..f4a9877 100644 --- a/contrib/aeolus-configure.spec +++ b/contrib/aeolus-configure.spec @@ -3,8 +3,8 @@
Summary: Aeolus Configure Puppet Recipe Name: aeolus-configure -Version: 2.0.0 -Release: 11%{?dist}%{?extra_release} +Version: 2.0.1 +Release: 0%{?dist}%{?extra_release}
Group: Applications/Internet License: GPLv2+ @@ -31,8 +31,8 @@ Aeolus Configure Puppet Recipe %install rm -rf %{buildroot} %{__mkdir} -p %{buildroot}/%{dchome}/modules/aeolus_recipe %{buildroot}/%{_sbindir} -%{__cp} -R %{pbuild}/recipes/aeolus_recipe/aeolus_recipe.pp %{buildroot}/%{dchome} -%{__cp} -R %{pbuild}/recipes/aeolus_recipe/aeolus_uninstall.pp %{buildroot}/%{dchome} +%{__mkdir} -p %{buildroot}%{_sysconfdir}/aeolus-configure/nodes +%{__cp} -R %{pbuild}/conf/* %{buildroot}%{_sysconfdir}/aeolus-configure/nodes %{__cp} -R %{pbuild}/recipes/aeolus_recipe/*/ %{buildroot}/%{dchome}/modules/aeolus_recipe %{__cp} -R %{pbuild}/recipes/apache/ %{buildroot}/%{dchome}/modules/apache %{__cp} -R %{pbuild}/recipes/ntp/ %{buildroot}/%{dchome}/modules/ntp @@ -40,6 +40,7 @@ rm -rf %{buildroot} %{__cp} -R %{pbuild}/recipes/postgres/ %{buildroot}/%{dchome}/modules/postgres %{__cp} -R %{pbuild}/bin/aeolus-configure %{buildroot}/%{_sbindir}/ %{__cp} -R %{pbuild}/bin/aeolus-cleanup %{buildroot}/%{_sbindir}/ +%{__cp} -R %{pbuild}/bin/aeolus-node %{buildroot}/%{_sbindir}/\
%clean rm -rf %{buildroot} @@ -48,9 +49,14 @@ rm -rf %{buildroot} %defattr(-,root,root,-) %attr(0755, root, root) %{_sbindir}/aeolus-configure %attr(0755, root, root) %{_sbindir}/aeolus-cleanup +%attr(0755, root, root) %{_sbindir}/aeolus-node +%config(noreplace) %{_sysconfdir}/aeolus-configure/nodes/* %{dchome}
%changelog +* Wed May 18 2011 Mike Orazimorazi@redhat.com 2.0.1-0 +- Move using external nodes so changes to behavior can happen in etc
- Wed May 18 2011 Chris Lalancetteclalance@redhat.com - 2.0.0-11
- Bump the release version
diff --git a/recipes/aeolus_recipe/aeolus_recipe.pp b/recipes/aeolus_recipe/aeolus_recipe.pp deleted file mode 100644 index 6ae1827..0000000 --- a/recipes/aeolus_recipe/aeolus_recipe.pp +++ /dev/null @@ -1,70 +0,0 @@ -#-- -# Copyright (C) 2010 Red Hat Inc. -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; either -# version 2.1 of the License, or (at your option) any later version. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -# Author: Mohammed Morsimmorsi@redhat.com -#--
-# -# aeolus installation recipe -#
-# Modules used by the recipe -import "aeolus_recipe/aeolus" -import "aeolus_recipe/defaults"
-# include the various aeolus components -include aeolus::conductor -include aeolus::image-factory -include aeolus::iwhd
-aeolus::create_bucket{"aeolus":}
-aeolus::site_admin{"$admin_user":
email => 'dcuser@aeolusproject.org',
password => "$admin_password",
first_name => 'aeolus',
last_name => 'user'}
-aeolus::provider{"mock":
type => 'mock',
port => 3002,
require => Aeolus::Site_admin["admin"] }
-aeolus::provider{"ec2-us-east-1":
type => 'ec2',
endpoint => 'us-east-1',
port => 3003,
require => Aeolus::Site_admin["admin"] }
-aeolus::provider{"ec2-us-west-1":
type => 'ec2',
endpoint => 'us-west-1',
port => 3004,
require => Aeolus::Site_admin["admin"] }
-aeolus::provider{"rhevm":
type => "rhevm",
port => 3005,
require => Aeolus::Site_admin["admin"] }
-aeolus::conductor::hwp{"hwp1":
memory => "1",
cpu => "1",
storage => "1",
architecture => "x86_64",
require => Aeolus::Site_admin["admin"] }
diff --git a/recipes/aeolus_recipe/aeolus_uninstall.pp b/recipes/aeolus_recipe/aeolus_uninstall.pp deleted file mode 100644 index 572960a..0000000 --- a/recipes/aeolus_recipe/aeolus_uninstall.pp +++ /dev/null @@ -1,38 +0,0 @@ -#-- -# Copyright (C) 2010 Red Hat Inc. -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; either -# version 2.1 of the License, or (at your option) any later version. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -# Author: Mohammed Morsimmorsi@redhat.com -#--
-# -# aeolus uninstallation recipe -#
-# Modules used by the recipe -import "aeolus_recipe/aeolus" -import "aeolus_recipe/defaults"
-# disable the various aeolus components -include aeolus::conductor::disabled -include aeolus::iwhd::disabled -include aeolus::image-factory::disabled
-aeolus::deltacloud::disabled{"mock": } -aeolus::deltacloud::disabled{"ec2-us-east-1": } -aeolus::deltacloud::disabled{"ec2-us-west-1": } -aeolus::deltacloud::disabled{"rhevm": }
diff --git a/recipes/aeolus_recipe/manifests/conductor.pp b/recipes/aeolus_recipe/manifests/conductor.pp index 10de426..ebe703f 100644 --- a/recipes/aeolus_recipe/manifests/conductor.pp +++ b/recipes/aeolus_recipe/manifests/conductor.pp @@ -160,6 +160,47 @@ class aeolus::conductor inherits aeolus { enable => 'true' } }
+class aeolus::conductor::seed_data {
- aeolus::create_bucket{"aeolus":}
- aeolus::site_admin{"$admin_user":
email => 'dcuser@aeolusproject.org',
password => "$admin_password",
first_name => 'aeolus',
last_name => 'user'}
- aeolus::provider{"mock":
type => 'mock',
port => 3002,
require => Aeolus::Site_admin["admin"] }
- aeolus::provider{"ec2-us-east-1":
type => 'ec2',
endpoint => 'us-east-1',
port => 3003,
require => Aeolus::Site_admin["admin"] }
- aeolus::provider{"ec2-us-west-1":
type => 'ec2',
endpoint => 'us-west-1',
port => 3004,
require => Aeolus::Site_admin["admin"] }
- aeolus::conductor::hwp{"hwp1":
memory => "1",
cpu => "1",
storage => "1",
architecture => "x86_64",
require => Aeolus::Site_admin["admin"] }
+}
+class aeolus::conductor::remove_seed_data {
- aeolus::deltacloud::disabled{"mock": }
- aeolus::deltacloud::disabled{"ec2-us-east-1": }
- aeolus::deltacloud::disabled{"ec2-us-west-1": }
+}
- class aeolus::conductor::disabled { file {"/var/lib/aeolus-conductor": ensure => absent,
diff --git a/recipes/aeolus_recipe/manifests/init.pp b/recipes/aeolus_recipe/manifests/init.pp new file mode 100644 index 0000000..e3e601c --- /dev/null +++ b/recipes/aeolus_recipe/manifests/init.pp @@ -0,0 +1,63 @@ +# Aeolus puppet definitions
+import "postgres" +import "apache" +import "rails" +import "selinux" +import "ntp"
+import "conductor" +import "deltacloud" +import "iwhd" +import "image-factory"
+if $aeolus_enable_https == "true" or $aeolus_enable_https == "1" {
- import "openssl"
- $enable_https = true
+} else {
- $enable_https = false
+}
+if $aeolus_enable_security == "true" or $aeolus_enable_security == "1" {
- import "openssl"
- $enable_security = true
+} else {
- $enable_security = false
+}
+# Base aeolus class +class aeolus {
- package{'curl': ensure => 'installed'}
- # Setup repos which to pull aeolus components
- # TODO: Don't hardcode these repos to RHEL-6
- # The issue is that $releasever resolves to something like 6Server
- # so we either need to have a repo per RHEL variant, or we need
- # to have smarter logic here
- $base_url_release = $operatingsystem ? { 'fedora' => "fedora-$releasever",
'redhat' => 'rhel-6' }
- $pulp_base_url_release = $operatingsystem ? { 'fedora' => "fedora-13",
'redhat' => 'rhel5' }
- yumrepo{"${name}_arch":
name => "${name}_arch",
descr => "${name}_arch",
baseurl => "http://repos.fedorapeople.org/repos/aeolus/packages/${base_url_release}/\$basearch",
enabled => 0, gpgcheck => 0}
- yumrepo{"${name}_noarch":
name => "${name}_noarch",
descr => "${name}_noarch",
baseurl => "http://repos.fedorapeople.org/repos/aeolus/packages/${base_url_release}/noarch",
enabled => 0, gpgcheck => 0}
+}
+# Create a new provider in aeolus +define aeolus::provider($type, $port, $endpoint=""){
- aeolus::deltacloud{$name: provider_type => $type, endpoint => $endpoint, port => $port}
- aeolus::conductor::provider{$name:
type => $type,
url => "http://localhost:${port}/api",
require => Aeolus::Deltacloud[$name] }
+} diff --git a/recipes/apache/manifests/init.pp b/recipes/apache/manifests/init.pp index de703aa..32a0723 100644 --- a/recipes/apache/manifests/init.pp +++ b/recipes/apache/manifests/init.pp @@ -1,6 +1,3 @@ -$apache_dir = "/etc/httpd" -$apache_conf_dir = "${apache_dir}/conf.d"
- class apache { # require apache and mod_ssl package { "httpd": ensure => installed }
@@ -31,6 +28,9 @@ class apache { }
define apache::site ( $ensure = 'present', $source = '') {
- $apache_dir = "/etc/httpd"
- $apache_conf_dir = "${apache_dir}/conf.d"
- $site_file = "${apache_conf_dir}/${name}.conf" file { $site_file:
Thanks for reformatting my initial go at the patch!
Conditional ACK on this. I think you missed the conf dir. I added a follow-on patch with what I think are decent conf values.
Thanks, Mike
Ah yes thanks, looks good, ACK.
-Mo
Thanks for reformatting my initial go at the patch!
Conditional ACK on this. I think you missed the conf dir. I added a follow-on patch with what I think are decent conf values.
Thanks, Mike
aeolus-devel@lists.fedorahosted.org