diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2015-09-12 12:57:38 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2015-09-12 12:57:38 -0300 |
| commit | 2cd029f433e377b1d629cdaf7146b7e90546df33 (patch) | |
| tree | 8597639cc4d6295ddc2290dd043880c3cd492444 /manifests | |
| parent | c2e477d0a8667bc3a983105421d5c048faa31661 (diff) | |
| download | puppet-virtual-2cd029f433e377b1d629cdaf7146b7e90546df33.tar.gz puppet-virtual-2cd029f433e377b1d629cdaf7146b7e90546df33.tar.bz2 | |
Puppet autoload support
This commit move stuff around and rename classes and
definitions so we can benefit from puppet autoloading.
Diffstat (limited to 'manifests')
26 files changed, 823 insertions, 804 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index 6853fd0..42f6d4b 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -3,8 +3,6 @@ # See LICENSE for the full license granted to you. # Based on the work of abnormaliti on http://reductivelabs.com/trac/puppet/wiki/VirtualRecipe -module_dir{ "virtual": } - -import "vserver.pp" -import "openvpn.pp" -import "xen.pp" +class virtual { + module_dir{ "virtual": } +} diff --git a/manifests/openvpn.pp b/manifests/openvpn.pp deleted file mode 100644 index 5aa8d92..0000000 --- a/manifests/openvpn.pp +++ /dev/null @@ -1,54 +0,0 @@ -# openvpn.pp -- create a "virtual" OpenVPN Server within a vserver -# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at> -# See LICENSE for the full license granted to you. - -# configures the specified vserver for openvpn hosting -# see also http://oldwiki.linux-vserver.org/some_hints_from_john -# and http://linux-vserver.org/Frequently_Asked_Questions#Can_I_run_an_OpenVPN_Server_in_a_guest.3F - -class virtual::openvpn::base { - include openvpn - module_dir { "virtual/openvpn": } -} - -class virtual::openvpn::host_base inherits virtual::openvpn::base { - file { - "/var/lib/puppet/modules/virtual/openvpn/create_interface": - source => "puppet:///modules/virtual/create_openvpn_interface", - mode => 0755, owner => root, group => 0; - "/var/lib/puppet/modules/virtual/openvpn/destroy_interface": - source => "puppet:///modules/virtual/destroy_openvpn_interface", - mode => 0755, owner => root, group => 0; - } -} - -define virtual::openvpn::host() { - include virtual::openvpn::host_base - exec { "mktun for ${name}": - command => "./MAKEDEV tun", - cwd => "/etc/vservers/${name}/vdir/dev", - creates => "/etc/vservers/${name}/vdir/dev/net/tun"; - } -} - -# this configures a specific tun interface for the given subnet -define virtual::openvpn::interface($subnet) { - # create and setup the interface if it doesn't exist already - # this is a "bit" coarse grained but works for me - ifupdown::manual { - $name: - up => "/var/lib/puppet/modules/virtual/openvpn/create_interface ${name} ${subnet}", - down => "/var/lib/puppet/modules/virtual/openvpn/destroy_interface ${name} ${subnet}" - } -} - -# actually setup the openvpn server within a vserver -define virtual::openvpn::server($config) { - include virtual::openvpn::base - file { - "/etc/openvpn/${name}.conf": - ensure => present, content => $config, - mode => 0644, owner => root, group => 0, - notify => Service['openvpn']; - } -} diff --git a/manifests/openvpn/base.pp b/manifests/openvpn/base.pp new file mode 100644 index 0000000..0342ca3 --- /dev/null +++ b/manifests/openvpn/base.pp @@ -0,0 +1,5 @@ +class virtual::openvpn::base { + include openvpn + include virtual + module_dir { "virtual/openvpn": } +} diff --git a/manifests/openvpn/host.pp b/manifests/openvpn/host.pp new file mode 100644 index 0000000..3d126db --- /dev/null +++ b/manifests/openvpn/host.pp @@ -0,0 +1,16 @@ +# openvpn.pp -- create a "virtual" OpenVPN Server within a vserver +# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at> +# See LICENSE for the full license granted to you. + +# configures the specified vserver for openvpn hosting +# see also http://oldwiki.linux-vserver.org/some_hints_from_john +# and http://linux-vserver.org/Frequently_Asked_Questions#Can_I_run_an_OpenVPN_Server_in_a_guest.3F + +define virtual::openvpn::host() { + include virtual::openvpn::host_base + exec { "mktun for ${name}": + command => "./MAKEDEV tun", + cwd => "/etc/vservers/${name}/vdir/dev", + creates => "/etc/vservers/${name}/vdir/dev/net/tun"; + } +} diff --git a/manifests/openvpn/host_base.pp b/manifests/openvpn/host_base.pp new file mode 100644 index 0000000..072a8a7 --- /dev/null +++ b/manifests/openvpn/host_base.pp @@ -0,0 +1,10 @@ +class virtual::openvpn::host_base inherits virtual::openvpn::base { + file { + "/var/lib/puppet/modules/virtual/openvpn/create_interface": + source => "puppet:///modules/virtual/create_openvpn_interface", + mode => 0755, owner => root, group => 0; + "/var/lib/puppet/modules/virtual/openvpn/destroy_interface": + source => "puppet:///modules/virtual/destroy_openvpn_interface", + mode => 0755, owner => root, group => 0; + } +} diff --git a/manifests/openvpn/interface.pp b/manifests/openvpn/interface.pp new file mode 100644 index 0000000..60c61e2 --- /dev/null +++ b/manifests/openvpn/interface.pp @@ -0,0 +1,10 @@ +# this configures a specific tun interface for the given subnet +define virtual::openvpn::interface($subnet) { + # create and setup the interface if it doesn't exist already + # this is a "bit" coarse grained but works for me + ifupdown::manual { + $name: + up => "/var/lib/puppet/modules/virtual/openvpn/create_interface ${name} ${subnet}", + down => "/var/lib/puppet/modules/virtual/openvpn/destroy_interface ${name} ${subnet}" + } +} diff --git a/manifests/openvpn/server.pp b/manifests/openvpn/server.pp new file mode 100644 index 0000000..b31f80b --- /dev/null +++ b/manifests/openvpn/server.pp @@ -0,0 +1,10 @@ +# actually setup the openvpn server within a vserver +define virtual::openvpn::server($config) { + include virtual::openvpn::base + file { + "/etc/openvpn/${name}.conf": + ensure => present, content => $config, + mode => 0644, owner => root, group => 0, + notify => Service['openvpn']; + } +} diff --git a/manifests/vserver.pp b/manifests/vserver.pp index 36a934a..991bebd 100644 --- a/manifests/vserver.pp +++ b/manifests/vserver.pp @@ -2,207 +2,18 @@ # Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at> # See LICENSE for the full license granted to you. -module_dir{ "virtual/contexts": } - -class vserver::host($vdirbase = "/var/lib/vservers") { - - # make sure we have the ability to query for lsbdistcodename - include lsb - - $utilvserver_version = $lsbdistcodename ? { - etch => "0.30.216~r2772-6~bpo40+1", - lenny => latest, - default => latest, - } - - package { - "util-vserver": - ensure => $utilvserver_version; - - debootstrap: - ensure => installed - } - - file { - "/etc/vservers": - ensure => directory, - require => Package["util-vserver"]; - - "/etc/vservers/local-interfaces": - ensure => directory, - mode => 0755, owner => root, group => root, - require => File["/etc/vservers"]; - - "/usr/local/bin/build_vserver": - source => "puppet:///modules/virtual/vserver/build_vserver", - mode => 0755, owner => root, group => root, - require => [ Package['util-vserver'], Package[debootstrap]]; - - "/etc/vservers/.defaults/vdirbase": - ensure => $vdirbase, - require => File[$vdirbase]; - - "$vdirbase": - ensure => directory, - mode => 000, owner => root, group => root; - - # perhaps we should use hashify. - # but i'm commenting this out until we learn how to properly use in case we want to use it. - #"/etc/cron.daily/vserver-hashify": - # source => "puppet:///virtual/hashify.cron.daily", - # mode => 0755, owner => root, group => root; - } - - # remove dummy interfaces on the host - line { modules_dummy: - file => "/etc/modules", - line => "^dummy", - ensure => absent, - } - - # Remove these dummy interfaces, they are annoying and we dont need them - file { - "/etc/modprobe.d/local-dummy": - ensure => absent, - mode => 0644, owner => root, group => root; - } - - # Setup some plugins if munin is enabled in the system - case $virtual_munin { - false: {} - default: { - file { - "/usr/local/share/munin-plugins/vserver_resources": - source => "puppet:///modules/virtual/munin/vserver_resources", - mode => 0755, owner => root, group => root; - - "/usr/local/share/munin-plugins/vserver_cpu_": - source => "puppet:///modules/virtual/munin/vserver_cpu_", - mode => 0755, owner => root, group => root; - - "/usr/local/share/munin-plugins/vserver_loadavg": - source => "puppet:///modules/virtual/munin/vserver_loadavg", - mode => 0755, owner => root, group => root; - } - } - } - - # Setup some plugins if munin is enabled in the system - case $virtual_munin { - false: {} - default: { - # This creates a load average graph combining the individual load averages of each vserver on the host - munin::plugin { - "vserver_loadavg": - config => "user root\n", - script_path_in => "/usr/local/share/munin-plugins"; - } - - # This creates a RSS graph for each vserver on the host (note after more than 4 vservers this can get noisy) - munin::plugin { - "vserver_resources_RSS": - ensure => "vserver_resources", - config => "user root\nenv.resource RSS", - script_path_in => "/usr/local/share/munin-plugins"; - } - - # This creates a VM graph for each vserver on the host (note after more than 4 vservers this can get noisy) - munin::plugin { - "vserver_resources_VM": - ensure => "vserver_resources", - config => "user root\nenv.resource VM", - script_path_in => "/usr/local/share/munin-plugins"; - } - - # This creates a VM graph for each vserver on the host (note after more than 4 vservers this can get noisy) - munin::plugin { - "vserver_cpu_": - config => "user root\n", - script_path_in => "/usr/local/share/munin-plugins"; - } - } - } -} - -define vs_create($in_domain, $context, $legacy = false, $distro = 'squeeze', - $debootstrap_mirror = 'http://cdn.debian.net/debian', - $hostname = false, $interface = false, - $memory_limit = false) { - $vs_name = $legacy ? { true => $name, false => $in_domain ? { '' => $name, default => "${name}.${in_domain}" } } - $vs_hostname = $hostname ? { false => 'none', default => $hostname } - $vs_interface = $interface ? { false => 'none', default => $interface } - - case $vs_name { '': { fail ( "Cannot create VServer with empty name" ) } } - - case $legacy { - true: { - exec { "/bin/false # cannot create legacy vserver ${vs_name}": - creates => "/etc/vservers/${vs_name}", - alias => "vs_create_${vs_name}" - } - } - false: { - exec { "/usr/local/bin/build_vserver \"${vs_name}\" ${context} ${distro} ${debootstrap_mirror} ${vs_hostname} ${vs_interface} ${memory_limit}": - creates => "/etc/vservers/${vs_name}", - require => File["/usr/local/bin/build_vserver","/etc/vservers/.defaults/vdirbase"], - alias => "vs_create_${vs_name}", - # TODO: change when this is fixed: http://projects.puppetlabs.com/issues/4769 - timeout => $lsbdistcodename ? { "squeeze" => '31536000', # 1 year - default => '-1', }, - } - } - } - - file { "/etc/vservers/${vs_name}/rlimits": - ensure => directory, - mode => 0755, owner => root, group => root, - require => Exec["vs_create_${vs_name}"], - } - - case $memory_limit { - false: { - file { "/etc/vservers/${vs_name}/rlimits/rss.hard": - mode => 0644, owner => root, group => root, - ensure => absent, - } - - file { "/etc/vservers/${vs_name}/rlimits/rss.soft": - mode => 0644, owner => root, group => root, - ensure => absent, - } - - vs_cflags { "${vs_name}-virt_mem": - vserver => $vs_name, - flag => "virt_mem", - ensure => absent, - } - } - default: { - file { "/etc/vservers/${vs_name}/rlimits/rss.hard": - mode => 0644, owner => root, group => root, - content => template("virtual/rss.hard.erb"), - require => File["/etc/vservers/${vs_name}/rlimits"], - } - - file { "/etc/vservers/${vs_name}/rlimits/rss.soft": - mode => 0644, owner => root, group => root, - content => template("virtual/rss.soft.erb"), - require => File["/etc/vservers/${vs_name}/rlimits"], - } - - vs_cflags { "${vs_name}-virt_mem": - vserver => $vs_name, - flag => "virt_mem", - ensure => present, - require => Exec["vs_create_${vs_name}"], - } - } - } -} - # ensure: present, stopped, running -define vserver($ensure, $context, $in_domain = '', $mark = '', $legacy = false, $distro = 'etch', - $hostname = false, $interface = false, $memory_limit = false) { +define virtual::vserver( + $context, + $ensure = present, + $in_domain = '', + $mark = '', + $legacy = false, + $distro = 'etch', + $hostname = false, + $interface = false, + $memory_limit = false +) { case $in_domain { '': {} default: { err("${fqdn}: vserver ${name} uses deprecated \$in_domain" ) } } @@ -215,79 +26,38 @@ define vserver($ensure, $context, $in_domain = '', $mark = '', $legacy = false, $if_dir = "/etc/vservers/${vs_name}/interfaces" $mark_file = "/etc/vservers/${vs_name}/apps/init/mark" - # TODO: wasn't there a syntax for using arrays as case selectors?? - case $ensure { - present: { - vs_create{ $name: - in_domain => $in_domain, - context => $context, - legacy => $legacy, - distro => $distro, - hostname => $hostname, - interface => $interface, - memory_limit => $memory_limit, - } - } - running: { - vs_create{ $name: - in_domain => $in_domain, - context => $context, - legacy => $legacy, - distro => $distro, - hostname => $hostname, - interface => $interface, - memory_limit => $memory_limit, - } - } - stopped: { - vs_create{ $name: - in_domain => $in_domain, - context => $context, - legacy => $legacy, - distro => $distro, - hostname => $hostname, - interface => $interface, - memory_limit => $memory_limit, - } - } - delete: { - vs_create{ $name: - in_domain => $in_domain, - context => $context, - legacy => $legacy, - distro => $distro, - hostname => $hostname, - interface => $interface, - memory_limit => $memory_limit, - } - } - default: { - err("${fqdn}: vserver(${vs_name}): unknown ensure '${ensure}'") - } + virtual::vserver::instance { $name: + in_domain => $in_domain, + context => $context, + legacy => $legacy, + distro => $distro, + hostname => $hostname, + interface => $interface, + memory_limit => $memory_limit, } file { $if_dir: ensure => directory, checksum => mtime, - require => Exec["vs_create_${vs_name}"]; + require => Exec["vserver_instance_${vs_name}"]; } config_file { "/etc/vservers/${vs_name}/context": content => "${context}\n", - notify => Exec["vs_restart_${vs_name}"], - require => Exec["vs_create_${vs_name}"]; + notify => Exec["vs_restart_${vs_name}"], + require => Exec["vserver_instance_${vs_name}"]; # create illegal configuration, when two vservers have the same context # number "/var/lib/puppet/modules/virtual/contexts/${context}": content => "\n"; "/etc/vservers/${vs_name}/uts/nodename": content => "${nodename}\n", - notify => Exec["vs_restart_${vs_name}"], - require => Exec["vs_create_${vs_name}"]; + notify => Exec["vs_restart_${vs_name}"], + require => Exec["vserver_instance_${vs_name}"]; "/etc/vservers/${vs_name}/name": content => "${vs_name}\n", - require => Exec["vs_create_${vs_name}"]; + require => Exec["vserver_instance_${vs_name}"]; } # ensure a secure chroot barrier @@ -295,23 +65,23 @@ define vserver($ensure, $context, $in_domain = '', $mark = '', $legacy = false, # http://linux-vserver.org/Secure_chroot_Barrier#Solution:_Secure_Barrier exec { "/usr/sbin/setattr --barrier /etc/vservers/${vs_name}/vdir/../": unless => "/usr/sbin/showattr /etc/vservers/${vs_name}/vdir/../ | grep -- '----Bui- /etc/vservers/${vs_name}/vdir/../$'", - require => Exec["vs_create_${vs_name}"], + require => Exec["vserver_instance_${vs_name}"], } case $ensure { present: { # don't start or stop the vserver, just make sure it exists, we just run a dummy status test here exec { "/usr/bin/test -e \$(readlink -f /etc/vservers/${vs_name}/vdir)": - require => Exec["vs_create_${vs_name}"], - alias => "vs_restart_${vs_name}", + require => Exec["vserver_instance_${vs_name}"], + alias => "vs_restart_${vs_name}", } } stopped: { exec { "/usr/sbin/vserver ${vs_name} stop": - onlyif => "/usr/bin/test -e \$(readlink -f /etc/vservers/${vs_name}/run || echo /doesntexist )", - require => Exec["vs_create_${vs_name}"], + onlyif => "/usr/bin/test -e \$(readlink -f /etc/vservers/${vs_name}/run || echo /doesntexist )", + require => Exec["vserver_instance_${vs_name}"], # fake the restart exec in the stopped case, so the dependencies are fulfilled - alias => "vs_restart_${vs_name}", + alias => "vs_restart_${vs_name}", } file { $mark_file: ensure => absent, } } @@ -322,14 +92,14 @@ define vserver($ensure, $context, $in_domain = '', $mark = '', $legacy = false, } running: { exec { "/usr/sbin/vserver ${vs_name} start": - unless => "/usr/bin/test -e \$(readlink -f /etc/vservers/${vs_name}/run)", - require => [ Exec["vs_create_${vs_name}"], File["/etc/vservers/${vs_name}/context"] ], + unless => "/usr/bin/test -e \$(readlink -f /etc/vservers/${vs_name}/run)", + require => [ Exec["vserver_instance_${vs_name}"], File["/etc/vservers/${vs_name}/context"] ], } exec { "/usr/sbin/vserver ${vs_name} restart": refreshonly => true, - require => Exec["vs_create_${vs_name}"], - alias => "vs_restart_${vs_name}", - subscribe => File[$if_dir], + require => Exec["vserver_instance_${vs_name}"], + alias => "vs_restart_${vs_name}", + subscribe => File[$if_dir], } case $mark { @@ -340,330 +110,13 @@ define vserver($ensure, $context, $in_domain = '', $mark = '', $legacy = false, default: { config_file { "/etc/vservers/${vs_name}/apps/init/mark": content => "${mark}\n", - require => Exec["vs_create_${vs_name}"], + require => Exec["vserver_instance_${vs_name}"], } } } } - } -} - -# Changing stuff with this define won't do much good, since it relies on -# restarting the vservers to do the work, which won't clean up orphaned -# interfaces -define vs_interface($prefix = 24, $dev = '') { - - file { - "/etc/vservers/local-interfaces/${name}": - ensure => directory, - mode => 0755, owner => root, group => root; - "/etc/vservers/local-interfaces/${name}/ip": - content => "${name}\n", - mode => 0644, owner => root, group => root; - "/etc/vservers/local-interfaces/${name}/prefix": - content => "${prefix}\n", - mode => 0644, owner => root, group => root; - } - - case $dev { - '': { - file { - "/etc/vservers/local-interfaces/${name}/nodev": - ensure => present, - mode => 0644, owner => root, group => root; - "/etc/vservers/local-interfaces/${name}/dev": - ensure => absent; - } - } - default: { - config_file { "/etc/vservers/local-interfaces/${name}/dev": content => $dev, } - file { "/etc/vservers/local-interfaces/${name}/nodev": ensure => absent, } - } - } -} - -define vs_ip($vserver, $ip, $ensure) { - err("$fqdn is using deprecated vs_ip instead of vs_ip_binding for $name") - vs_ip_binding { $name: vserver => $vserver, ip => $ip, ensure => $ensure } -} - -define vs_ip_binding($vserver, $ip, $ensure) { - case $ensure { - connected: { - file { "/etc/vservers/${vserver}/interfaces/${name}": - ensure => "/etc/vservers/local-interfaces/${ip}/", - require => [ File["/etc/vservers/local-interfaces/${ip}"], Exec["vs_create_${vserver}"] ], - notify => Exec["vs_restart_${vserver}"], - } - } - disconnected: { - file { "/etc/vservers/${vserver}/interfaces/${name}": - ensure => absent, - } - } - default: { - err( "${fqdn}: vs_ip: ${vserver} -> ${ip}: unknown ensure: '${ensure}'" ) - } - } -} - -define vs_sched($ensure = present, $fill_rate = '', $fill_rate2 = '', - $interval = '', $interval2 = '', $tokens_min = '', $tokens_max = '', - $tokens = '', $idle_time = false, $priority_bias = '') { - - file { "/etc/vservers/${name}/sched": - ensure => directory, - owner => root, - group => root, - mode => 0755, - } - - case $fill_rate { - '': { - file { "/etc/vservers/${name}/sched/fill-rate": - ensure => absent, - } - } - default: { - $set_fill_rate = "--fill-rate $fill_rate" - - file { "/etc/vservers/${name}/sched/fill-rate": - ensure => $ensure, - content => "$fill_rate\n", - require => File["/etc/vservers/${name}/sched"], - } - } - } - - case $fill_rate2 { - '': { - file { "/etc/vservers/${name}/sched/fill-rate2": - ensure => absent, - } - } - default: { - $set_fill_rate2 = "--fill-rate2 $fill_rate2" - - file { "/etc/vservers/${name}/sched/fill-rate2": - ensure => $ensure, - content => "$fill_rate2\n", - require => File["/etc/vservers/${name}/sched"], - } - } - } - - case $interval { - '': { - file { "/etc/vservers/${name}/sched/interval": - ensure => absent, - } - } - default: { - $set_interval = "--interval $interval" - - file { "/etc/vservers/${name}/sched/interval": - ensure => $ensure, - content => "$interval\n", - require => File["/etc/vservers/${name}/sched"], - } - } - } - - case $interval2 { - '': { - file { "/etc/vservers/${name}/sched/interval2": - ensure => absent, - } - } - default: { - $set_interval2 = "--interval2 $interval2" - - file { "/etc/vservers/${name}/sched/interval2": - ensure => $ensure, - content => "$interval2\n", - require => File["/etc/vservers/${name}/sched"], - } - } - } - - case $tokens_min { - '': { - file { "/etc/vservers/${name}/sched/tokens-min": - ensure => absent, - } - } - default: { - $set_tokens_min = "--tokens-min $tokens_min" - - file { "/etc/vservers/${name}/sched/tokens-min": - ensure => $ensure, - content => "$tokens_min\n", - require => File["/etc/vservers/${name}/sched"], - } - } - } - - case $tokens_max { - '': { - file { "/etc/vservers/${name}/sched/tokens-max": - ensure => absent, - } - } - default: { - $set_tokens_max = "--tokens-max $tokens_max" - - file { "/etc/vservers/${name}/sched/tokens-max": - ensure => $ensure, - content => "$tokens_max\n", - require => File["/etc/vservers/${name}/sched"], - } - } - } - - case $tokens { - '': { - file { "/etc/vservers/${name}/sched/tokens": - ensure => absent, - } - } - default: { - $set_tokens = "--tokens $tokens" - - file { "/etc/vservers/${name}/sched/tokens": - ensure => $ensure, - content => "$tokens\n", - require => File["/etc/vservers/${name}/sched"], - } - } - } - - case $priority_bias { - '': { - file { "/etc/vservers/${name}/sched/priority-bias": - ensure => absent, - } - } - default: { - $set_priority_bias = "--prio-bias $priority_bias" - - file { "/etc/vservers/${name}/sched/priority-bias": - ensure => $ensure, - content => "$priority_bias\n", - require => File["/etc/vservers/${name}/sched"], - } - } - } - - case $idle_time { - true: { - $set_idle_time = "--idle-time" - - file { "/etc/vservers/${name}/sched/idle-time": - ensure => $ensure, - } - } default: { - file { "/etc/vservers/${name}/sched/idle-time": - ensure => absent, - } + err("${fqdn}: vserver(${vs_name}): unknown ensure '${ensure}'") } } - - vs_cflags { "${name}-sched_hard": - vserver => $name, - flag => "sched_hard", - ensure => $ensure, - } - - vs_cflags { "${name}-sched_prio": - vserver => $name, - flag => "sched_prio", - ensure => $ensure, - } - - case $ensure { - present: { - - $vsched_params = "$set_fill_rate $set_fill_rate2 $set_interval $set_interval2 $set_tokens_min $set_tokens_max $set_tokens $set_idle_time $set_priority_bias" - - exec { "/usr/sbin/vsched --xid `cat /etc/vservers/$name/context` ${vsched_params} --force": - subscribe => File["/etc/vservers/$name/sched/fill-rate", "/etc/vservers/$name/sched/fill-rate2", - "/etc/vservers/$name/sched/interval", "/etc/vservers/$name/sched/interval2", - "/etc/vservers/$name/sched/tokens-min", "/etc/vservers/$name/sched/tokens-max", - "/etc/vservers/$name/sched/tokens", "/etc/vservers/$name/sched/idle-time"], - refreshonly => true, - require => Exec["vs_create_${name}"], - } - } - } -} - -define vs_cflags($vserver, $flag, $ensure = present) { - if ! defined(File["/etc/vservers/${vserver}/cflags"]) { - file { "/etc/vservers/${vserver}/cflags": - ensure => present, - } - } - - line {"vs_cflags-${vserver}-${flag}": - ensure => $ensure, - file => "/etc/vservers/${vserver}/cflags", - line => "${flag}", - require => Exec["vs_create_${vserver}"], - notify => Exec["vattribute-${vserver}-${flag}"], - } - - case $ensure { - present: { - exec { "/usr/sbin/vattribute-${vserver}-${flag}": - command => "vattribute --set --xid `cat /etc/vservers/$vserver/context` --flag ${flag}", - refreshonly => true, - require => Exec["vs_create_${vserver}"], - alias => "vattribute-${vserver}-${flag}", - } - } - default: { - exec { "/usr/sbin/vattribute-${vserver}-${flag}": - command => "vattribute --set --xid `cat /etc/vservers/$vserver/context` --flag ~${flag}", - refreshonly => true, - require => Exec["vs_create_${vserver}"], - alias => "vattribute-${vserver}-${flag}", - } - } - } -} - -define vs_rlimit($vserver, $limit, $soft = '', $hard = '', $min = '', $ensure = present) { - file { "/etc/vservers/${vserver}/rlimits/$limit.soft": - mode => 0644, owner => root, group => root, - content => "$soft\n", - ensure => $soft ? { - '' => absent, - default => $ensure, - }, - require => File["/etc/vservers/${vserver}/rlimits"], - notify => Exec["vs_restart_${vserver}"], - } - - file { "/etc/vservers/${vserver}/rlimits/$limit.hard": - mode => 0644, owner => root, group => root, - content => "$hard\n", - ensure => $hard ? { - '' => absent, - default => $ensure, - }, - require => File["/etc/vservers/${vserver}/rlimits"], - notify => Exec["vs_restart_${vserver}"], - } - - file { "/etc/vservers/${vserver}/rlimits/$limit.min": - mode => 0644, owner => root, group => root, - content => "$min\n", - ensure => $min? { - '' => absent, - default => $ensure, - }, - require => File["/etc/vservers/${vserver}/rlimits"], - notify => Exec["vs_restart_${vserver}"], - } } diff --git a/manifests/vserver/cflags.pp b/manifests/vserver/cflags.pp new file mode 100644 index 0000000..c6df50f --- /dev/null +++ b/manifests/vserver/cflags.pp @@ -0,0 +1,35 @@ +define virtual::vserver::cflags($vserver, $flag, $ensure = present) { + if ! defined(File["/etc/vservers/${vserver}/cflags"]) { + file { "/etc/vservers/${vserver}/cflags": + ensure => present, + } + } + + line {"vs_cflags-${vserver}-${flag}": + ensure => $ensure, + file => "/etc/vservers/${vserver}/cflags", + line => "${flag}", + require => Exec["vserver_instance_${vserver}"], + notify => Exec["vattribute-${vserver}-${flag}"], + } + + case $ensure { + present: { + exec { "/usr/sbin/vattribute-${vserver}-${flag}": + command => "vattribute --set --xid `cat /etc/vservers/$vserver/context` --flag ${flag}", + refreshonly => true, + require => Exec["vserver_instance_${vserver}"], + alias => "vattribute-${vserver}-${flag}", + } + } + default: { + exec { "/usr/sbin/vattribute-${vserver}-${flag}": + command => "vattribute --set --xid `cat /etc/vservers/$vserver/context` --flag ~${flag}", + refreshonly => true, + require => Exec["vserver_instance_${vserver}"], + alias => "vattribute-${vserver}-${flag}", + } + } + } +} + diff --git a/manifests/vserver/host.pp b/manifests/vserver/host.pp new file mode 100644 index 0000000..69718dd --- /dev/null +++ b/manifests/vserver/host.pp @@ -0,0 +1,134 @@ +class virtual::vserver::host($vdirbase = "/var/lib/vservers") { + include virtual + + module_dir{ "virtual/contexts": } + + # make sure we have the ability to query for lsbdistcodename + include lsb + + $utilvserver_version = $lsbdistcodename ? { + etch => "0.30.216~r2772-6~bpo40+1", + lenny => latest, + default => latest, + } + + package { + "util-vserver": + ensure => $utilvserver_version; + + debootstrap: + ensure => installed + } + + file { + "/etc/vservers": + ensure => directory, + require => Package["util-vserver"]; + + "/etc/vservers/local-interfaces": + ensure => directory, + mode => 0755, + owner => root, + group => root, + require => File["/etc/vservers"]; + + "/usr/local/bin/build_vserver": + source => "puppet:///modules/virtual/vserver/build_vserver", + mode => 0755, + owner => root, + group => root, + require => [ Package['util-vserver'], Package[debootstrap]]; + + "/etc/vservers/.defaults/vdirbase": + ensure => $vdirbase, + require => File[$vdirbase]; + + "$vdirbase": + ensure => directory, + mode => 000, + owner => root, + group => root; + + # perhaps we should use hashify. + # but i'm commenting this out until we learn how to properly use in case we want to use it. + #"/etc/cron.daily/vserver-hashify": + # source => "puppet:///virtual/hashify.cron.daily", + # mode => 0755, owner => root, group => root; + } + + # remove dummy interfaces on the host + line { modules_dummy: + file => "/etc/modules", + line => "^dummy", + ensure => absent, + } + + # Remove these dummy interfaces, they are annoying and we dont need them + file { + "/etc/modprobe.d/local-dummy": + ensure => absent, + mode => 0644, owner => root, group => root; + } + + # Setup some plugins if munin is enabled in the system + case $virtual_munin { + false: {} + default: { + file { + "/usr/local/share/munin-plugins/vserver_resources": + source => "puppet:///modules/virtual/munin/vserver_resources", + mode => 0755, + owner => root, + group => root; + + "/usr/local/share/munin-plugins/vserver_cpu_": + source => "puppet:///modules/virtual/munin/vserver_cpu_", + mode => 0755, + owner => root, + group => root; + + "/usr/local/share/munin-plugins/vserver_loadavg": + source => "puppet:///modules/virtual/munin/vserver_loadavg", + mode => 0755, + owner => root, + group => root; + } + } + } + + # Setup some plugins if munin is enabled in the system + case $virtual_munin { + false: {} + default: { + # This creates a load average graph combining the individual load averages of each vserver on the host + munin::plugin { + "vserver_loadavg": + config => "user root\n", + script_path_in => "/usr/local/share/munin-plugins"; + } + + # This creates a RSS graph for each vserver on the host (note after more than 4 vservers this can get noisy) + munin::plugin { + "vserver_resources_RSS": + ensure => "vserver_resources", + config => "user root\nenv.resource RSS", + script_path_in => "/usr/local/share/munin-plugins"; + } + + # This creates a VM graph for each vserver on the host (note after more than 4 vservers this can get noisy) + munin::plugin { + "vserver_resources_VM": + ensure => "vserver_resources", + config => "user root\nenv.resource VM", + script_path_in => "/usr/local/share/munin-plugins"; + } + + # This creates a VM graph for each vserver on the host (note after more than 4 vservers this can get noisy) + munin::plugin { + "vserver_cpu_": + config => "user root\n", + script_path_in => "/usr/local/share/munin-plugins"; + } + } + } +} diff --git a/manifests/vserver/instance.pp b/manifests/vserver/instance.pp new file mode 100644 index 0000000..3ec9130 --- /dev/null +++ b/manifests/vserver/instance.pp @@ -0,0 +1,89 @@ +define virtual::vserver::instance( + $in_domain, + $context, + $legacy = false, + $distro = 'jessie', + $debootstrap_mirror = 'http://cdn.debian.net/debian', + $hostname = false, + $interface = false, + $memory_limit = false +) { + $vs_name = $legacy ? { true => $name, false => $in_domain ? { '' => $name, default => "${name}.${in_domain}" } } + $vs_hostname = $hostname ? { false => 'none', default => $hostname } + $vs_interface = $interface ? { false => 'none', default => $interface } + + case $vs_name { '': { fail ( "Cannot create VServer with empty name" ) } } + + case $legacy { + true: { + exec { "/bin/false # cannot create legacy vserver ${vs_name}": + creates => "/etc/vservers/${vs_name}", + alias => "vserver_instance_${vs_name}" + } + } + false: { + exec { "/usr/local/bin/build_vserver \"${vs_name}\" ${context} ${distro} ${debootstrap_mirror} ${vs_hostname} ${vs_interface} ${memory_limit}": + creates => "/etc/vservers/${vs_name}", + require => File["/usr/local/bin/build_vserver","/etc/vservers/.defaults/vdirbase"], + alias => "vserver_instance_${vs_name}", + # TODO: change when this is fixed: http://projects.puppetlabs.com/issues/4769 + timeout => $lsbdistcodename ? { + "squeeze" => '31536000', # 1 year + default => '-1', }, + } + } + } + + file { "/etc/vservers/${vs_name}/rlimits": + ensure => directory, + mode => 0755, + owner => root, + group => root, + require => Exec["vserver_instance_${vs_name}"], + } + + case $memory_limit { + false: { + file { "/etc/vservers/${vs_name}/rlimits/rss.hard": + mode => 0644, owner => root, group => root, + ensure => absent, + } + + file { "/etc/vservers/${vs_name}/rlimits/rss.soft": + mode => 0644, owner => root, group => root, + ensure => absent, + } + + virtual::vserver::cflags { "${vs_name}-virt_mem": + vserver => $vs_name, + flag => "virt_mem", + ensure => absent, + } + } + default: { + file { "/etc/vservers/${vs_name}/rlimits/rss.hard": + mode => 0644, + owner => root, + group => root, + content => template("virtual/rss.hard.erb"), + require => File["/etc/vservers/${vs_name}/rlimits"], + } + + file { "/etc/vservers/${vs_name}/rlimits/rss.soft": + mode => 0644, + owner => root, + group => root, + content => template("virtual/rss.soft.erb"), + require => File["/etc/vservers/${vs_name}/rlimits"], + } + + vs_cflags { "${vs_name}-virt_mem": + vserver => $vs_name, + flag => "virt_mem", + ensure => present, + require => Exec["vserver_instance_${vs_name}"], + } + } + } +} + diff --git a/manifests/vserver/interface.pp b/manifests/vserver/interface.pp new file mode 100644 index 0000000..82a2c9c --- /dev/null +++ b/manifests/vserver/interface.pp @@ -0,0 +1,46 @@ +# Changing stuff with this define won't do much good, since it relies on +# restarting the vservers to do the work, which won't clean up orphaned +# interfaces +define virtual::vserver::interface($prefix = 24, $dev = '') { + + file { + "/etc/vservers/local-interfaces/${name}": + ensure => directory, + mode => 0755, + owner => root, + group => root; + "/etc/vservers/local-interfaces/${name}/ip": + content => "${name}\n", + mode => 0644, + owner => root, + group => root; + "/etc/vservers/local-interfaces/${name}/prefix": + content => "${prefix}\n", + mode => 0644, + owner => root, + group => root; + } + + case $dev { + '': { + file { + "/etc/vservers/local-interfaces/${name}/nodev": + ensure => present, + mode => 0644, + owner => root, + group => root; + "/etc/vservers/local-interfaces/${name}/dev": + ensure => absent; + } + } + default: { + config_file { "/etc/vservers/local-interfaces/${name}/dev": + content => $dev, + } + + file { "/etc/vservers/local-interfaces/${name}/nodev": + ensure => absent, + } + } + } +} diff --git a/manifests/vserver/ip.pp b/manifests/vserver/ip.pp new file mode 100644 index 0000000..5a0d206 --- /dev/null +++ b/manifests/vserver/ip.pp @@ -0,0 +1,9 @@ +define virtual::vserver::ip($vserver, $ip, $ensure) { + err("$fqdn is using deprecated vs_ip instead of vs_ip_binding for $name") + + virtual::vserver::ip::binding { $name: + vserver => $vserver, + ip => $ip, + ensure => $ensure + } +} diff --git a/manifests/vserver/ip/binding.pp b/manifests/vserver/ip/binding.pp new file mode 100644 index 0000000..2489b69 --- /dev/null +++ b/manifests/vserver/ip/binding.pp @@ -0,0 +1,19 @@ +define virtual::vserver::ip::binding($vserver, $ip, $ensure) { + case $ensure { + connected: { + file { "/etc/vservers/${vserver}/interfaces/${name}": + ensure => "/etc/vservers/local-interfaces/${ip}/", + require => [ File["/etc/vservers/local-interfaces/${ip}"], Exec["vserver_instance_${vserver}"] ], + notify => Exec["vs_restart_${vserver}"], + } + } + disconnected: { + file { "/etc/vservers/${vserver}/interfaces/${name}": + ensure => absent, + } + } + default: { + err( "${fqdn}: vs_ip: ${vserver} -> ${ip}: unknown ensure: '${ensure}'" ) + } + } +} diff --git a/manifests/vserver/rlimit.pp b/manifests/vserver/rlimit.pp new file mode 100644 index 0000000..0218359 --- /dev/null +++ b/manifests/vserver/rlimit.pp @@ -0,0 +1,48 @@ +define virtual::vserver::rlimit( + $vserver, + $limit, + $soft = '', + $hard = '', + $min = '', + $ensure = present +) { + file { "/etc/vservers/${vserver}/rlimits/$limit.soft": + mode => 0644, + owner => root, + group => root, + content => "$soft\n", + ensure => $soft ? { + '' => absent, + default => $ensure, + }, + require => File["/etc/vservers/${vserver}/rlimits"], + notify => Exec["vs_restart_${vserver}"], + } + + file { "/etc/vservers/${vserver}/rlimits/$limit.hard": + mode => 0644, + owner => root, + group => root, + content => "$hard\n", + ensure => $hard ? { + '' => absent, + default => $ensure, + }, + require => File["/etc/vservers/${vserver}/rlimits"], + notify => Exec["vs_restart_${vserver}"], + } + + file { "/etc/vservers/${vserver}/rlimits/$limit.min": + mode => 0644, + owner => root, + group => root, + content => "$min\n", + ensure => $min? { + '' => absent, + default => $ensure, + }, + require => File["/etc/vservers/${vserver}/rlimits"], + notify => Exec["vs_restart_${vserver}"], + } +} + diff --git a/manifests/vserver/sched.pp b/manifests/vserver/sched.pp new file mode 100644 index 0000000..b0d12bd --- /dev/null +++ b/manifests/vserver/sched.pp @@ -0,0 +1,199 @@ +define virtual::vserver::sched( + $ensure = present, + $fill_rate = '', + $fill_rate2 = '', + $interval = '', + $interval2 = '', + $tokens_min = '', + $tokens_max = '', + $tokens = '', + $idle_time = false, + $priority_bias = '' +) { + + file { "/etc/vservers/${name}/sched": + ensure => directory, + owner => root, + group => root, + mode => 0755, + } + + case $fill_rate { + '': { + file { "/etc/vservers/${name}/sched/fill-rate": + ensure => absent, + } + } + default: { + $set_fill_rate = "--fill-rate $fill_rate" + + file { "/etc/vservers/${name}/sched/fill-rate": + ensure => $ensure, + content => "$fill_rate\n", + require => File["/etc/vservers/${name}/sched"], + } + } + } + + case $fill_rate2 { + '': { + file { "/etc/vservers/${name}/sched/fill-rate2": + ensure => absent, + } + } + default: { + $set_fill_rate2 = "--fill-rate2 $fill_rate2" + + file { "/etc/vservers/${name}/sched/fill-rate2": + ensure => $ensure, + content => "$fill_rate2\n", + require => File["/etc/vservers/${name}/sched"], + } + } + } + + case $interval { + '': { + file { "/etc/vservers/${name}/sched/interval": + ensure => absent, + } + } + default: { + $set_interval = "--interval $interval" + + file { "/etc/vservers/${name}/sched/interval": + ensure => $ensure, + content => "$interval\n", + require => File["/etc/vservers/${name}/sched"], + } + } + } + + case $interval2 { + '': { + file { "/etc/vservers/${name}/sched/interval2": + ensure => absent, + } + } + default: { + $set_interval2 = "--interval2 $interval2" + + file { "/etc/vservers/${name}/sched/interval2": + ensure => $ensure, + content => "$interval2\n", + require => File["/etc/vservers/${name}/sched"], + } + } + } + + case $tokens_min { + '': { + file { "/etc/vservers/${name}/sched/tokens-min": + ensure => absent, + } + } + default: { + $set_tokens_min = "--tokens-min $tokens_min" + + file { "/etc/vservers/${name}/sched/tokens-min": + ensure => $ensure, + content => "$tokens_min\n", + require => File["/etc/vservers/${name}/sched"], + } + } + } + + case $tokens_max { + '': { + file { "/etc/vservers/${name}/sched/tokens-max": + ensure => absent, + } + } + default: { + $set_tokens_max = "--tokens-max $tokens_max" + + file { "/etc/vservers/${name}/sched/tokens-max": + ensure => $ensure, + content => "$tokens_max\n", + require => File["/etc/vservers/${name}/sched"], + } + } + } + + case $tokens { + '': { + file { "/etc/vservers/${name}/sched/tokens": + ensure => absent, + } + } + default: { + $set_tokens = "--tokens $tokens" + + file { "/etc/vservers/${name}/sched/tokens": + ensure => $ensure, + content => "$tokens\n", + require => File["/etc/vservers/${name}/sched"], + } + } + } + + case $priority_bias { + '': { + file { "/etc/vservers/${name}/sched/priority-bias": + ensure => absent, + } + } + default: { + $set_priority_bias = "--prio-bias $priority_bias" + + file { "/etc/vservers/${name}/sched/priority-bias": + ensure => $ensure, + content => "$priority_bias\n", + require => File["/etc/vservers/${name}/sched"], + } + } + } + + case $idle_time { + true: { + $set_idle_time = "--idle-time" + + file { "/etc/vservers/${name}/sched/idle-time": + ensure => $ensure, + } + } + default: { + file { "/etc/vservers/${name}/sched/idle-time": + ensure => absent, + } + } + } + + virtual::vserver::cflags { "${name}-sched_hard": + vserver => $name, + flag => "sched_hard", + ensure => $ensure, + } + + virtual::vserver::cflags { "${name}-sched_prio": + vserver => $name, + flag => "sched_prio", + ensure => $ensure, + } + + case $ensure { + present: { + + $vsched_params = "$set_fill_rate $set_fill_rate2 $set_interval $set_interval2 $set_tokens_min $set_tokens_max $set_tokens $set_idle_time $set_priority_bias" + + exec { "/usr/sbin/vsched --xid `cat /etc/vservers/$name/context` ${vsched_params} --force": + subscribe => File["/etc/vservers/$name/sched/fill-rate", "/etc/vservers/$name/sched/fill-rate2", + "/etc/vservers/$name/sched/interval", "/etc/vservers/$name/sched/interval2", + "/etc/vservers/$name/sched/tokens-min", "/etc/vservers/$name/sched/tokens-max", + "/etc/vservers/$name/sched/tokens", "/etc/vservers/$name/sched/idle-time"], + refreshonly => true, + require => Exec["vserver_instance_${name}"], + } + } + } +} diff --git a/manifests/xen.pp b/manifests/xen.pp deleted file mode 100644 index 516a59c..0000000 --- a/manifests/xen.pp +++ /dev/null @@ -1,160 +0,0 @@ -# virtual/xen.pp -- XEN specifica -# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at> -# See LICENSE for the full license granted to you. - -class munin::plugins::xen { - munin::remoteplugin { - xen-multi: - source => "puppet:///modules/virtual/munin/xen_mem", - config => "user root", - ensure => absent; - xen_vm: - source => "puppet:///modules/virtual/munin/xen_vm", - config => "user root", - ensure => absent; - 'xen-multi': - source => 'puppet:///modules/virtual/munin/xen-multi', - config => 'user root'; - } -} - -class xen::domain { - case $operatingsystem { - debian: { include xen::domain::debian } - centos: { include xen::domain::centos } - default: { include xen::domain::base } - } -} - -class xen::domain::base { - service{ 'xend': - ensure => running, - enable => true, - hasstatus => false, - hasrestart => true, - } - - case $xen_domains { - '0': { info("No xen domains are running, so not configuring service xendomains") } - default: { - service{ 'xendomains': - ensure => running, - enable => true, - hasstatus => true, - } - } - } - - file{'/etc/xen/xend-config.sxp': - source => [ "puppet:///modules/site_virtual/xen/config/${fqdn}/config/xend-config.sxp", - "puppet:///modules/site_virtual/xen/config/${domain}/xend-config.sxp", - "puppet:///modules/site_virtual/xen/config/${operatingsystem}/xend-config.sxp", - "puppet:///modules/site_virtual/xen/config/${operatingsystem}/${lsbdistcodeename}/xend-config.sxp", - "puppet:///modules/site_virtual/xen/config/xend-config.sxp", - "puppet:///modules/virtual/xen/config/${operatingsystem}/xend-config.sxp", - "puppet:///modules/virtual/xen/config/xend-config.sxp" ], - notify => Service['xend'], - owner => root, group => 0, mode => 0644; - } -} - -class xen::domain::centos inherits xen::domain::base { - package{ 'kernel-xen': - ensure => present, - } - - Service[xend]{ - require => Package['kernel-xen'], - } - - file{'/etc/sysconfig/xend': - source => "puppet:///modules/virtual/xen/${operatingsystem}/sysconfig/xend", - notify => Service['xend'], - owner => root, group => 0, mode => 0644; - } - - file{'/etc/sysconfig/xendomains': - source => "puppet:///modules/virtual/xen/${operatingsystem}/sysconfig/xendomains", - owner => root, group => 0, mode => 0644; - } - - case $xen_domains { - '0': { info("No xen domains are running, so not configuring service xendomains") } - default: { - Service[xendomains]{ - require => Package['kernel-xen'], - } - File['/etc/sysconfig/xendomains']{ - notify => Service[xendomains] - } - } - } -} - -class xen::domain::debian inherits xen::domain::base { - case $lsbdistcodename { - "lenny": { - $xen_linux_system = $architecture ? { - amd64 => "xen-linux-system-2.6.26-2-xen-amd64", - i386 => "xen-linux-system-2.6.26-2-xen-686" - } - } - "squeeze": { - $xen_linux_system = $architecture ? { - /(amd64|x86_64)/ => "xen-linux-system-2.6.32-5-xen-amd64", - i386 => "xen-linux-system-2.6.32-5-xen-686" - } - } - } - - package { - "$xen_linux_system": - ensure => present, - alias => "xen-linux-system"; - } -} - - -class xen::dom0 inherits xen::domain { - case $operatingsystem { - debian: { include xen::dom0::debian } - centos: { include xen::dom0::centos } - default: { include xen::dom0::base } - } -} - -class xen::dom0::base {} - -class xen::dom0::centos inherits xen::dom0::base { - package{ [ "xen", "xen-libs"]: - ensure => present, - } -} - -class xen::dom0::debian inherits xen::dom0::base { - $real_xen_lvm = $xen_lvm ? { - '' => "vg_${hostname}0", - default => $xen_lvm, - } - case $lsbdistcodename { - lenny: { - package { - "xen-tools": - ensure => "4.1-1~bpo50+1", - } - } - squeeze: { - package { - "xen-tools": - ensure => installed; - } - } - } - - file { - "/etc/xen-tools/xen-tools.conf": - owner => root, group => 0, mode => 0644, - content => template("site_virtual/xen/${operatingsystem}/${lsbdistcodename}/xen-tools.conf.erb"), - require => Package['xen-tools']; - } -} diff --git a/manifests/xen/dom0.pp b/manifests/xen/dom0.pp new file mode 100644 index 0000000..2c51b56 --- /dev/null +++ b/manifests/xen/dom0.pp @@ -0,0 +1,7 @@ +class virtual::xen::dom0 inherits xen::domain { + case $operatingsystem { + debian: { include xen::dom0::debian } + centos: { include xen::dom0::centos } + default: { include xen::dom0::base } + } +} diff --git a/manifests/xen/dom0/base.pp b/manifests/xen/dom0/base.pp new file mode 100644 index 0000000..85411cf --- /dev/null +++ b/manifests/xen/dom0/base.pp @@ -0,0 +1 @@ +class virtual::xen::dom0::base {} diff --git a/manifests/xen/dom0/centos.pp b/manifests/xen/dom0/centos.pp new file mode 100644 index 0000000..f0fd14d --- /dev/null +++ b/manifests/xen/dom0/centos.pp @@ -0,0 +1,5 @@ +class virtual::xen::dom0::centos inherits xen::dom0::base { + package{ [ "xen", "xen-libs"]: + ensure => present, + } +} diff --git a/manifests/xen/dom0/debian.pp b/manifests/xen/dom0/debian.pp new file mode 100644 index 0000000..56ec52c --- /dev/null +++ b/manifests/xen/dom0/debian.pp @@ -0,0 +1,27 @@ +class virtual::xen::dom0::debian inherits xen::dom0::base { + $real_xen_lvm = $xen_lvm ? { + '' => "vg_${hostname}0", + default => $xen_lvm, + } + case $lsbdistcodename { + lenny: { + package { + "xen-tools": + ensure => "4.1-1~bpo50+1", + } + } + squeeze: { + package { + "xen-tools": + ensure => installed; + } + } + } + + file { + "/etc/xen-tools/xen-tools.conf": + owner => root, group => 0, mode => 0644, + content => template("site_virtual/xen/${operatingsystem}/${lsbdistcodename}/xen-tools.conf.erb"), + require => Package['xen-tools']; + } +} diff --git a/manifests/xen/domain.pp b/manifests/xen/domain.pp new file mode 100644 index 0000000..30a0fdf --- /dev/null +++ b/manifests/xen/domain.pp @@ -0,0 +1,12 @@ +# XEN specifica +# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at> +# See LICENSE for the full license granted to you. +class virtual::xen::domain { + include virtual + + case $operatingsystem { + debian: { include xen::domain::debian } + centos: { include xen::domain::centos } + default: { include xen::domain::base } + } +} diff --git a/manifests/xen/domain/base.pp b/manifests/xen/domain/base.pp new file mode 100644 index 0000000..c77becb --- /dev/null +++ b/manifests/xen/domain/base.pp @@ -0,0 +1,31 @@ +class virtual::xen::domain::base { + service{ 'xend': + ensure => running, + enable => true, + hasstatus => false, + hasrestart => true, + } + + case $xen_domains { + '0': { info("No xen domains are running, so not configuring service xendomains") } + default: { + service{ 'xendomains': + ensure => running, + enable => true, + hasstatus => true, + } + } + } + + file{'/etc/xen/xend-config.sxp': + source => [ "puppet:///modules/site_virtual/xen/config/${fqdn}/config/xend-config.sxp", + "puppet:///modules/site_virtual/xen/config/${domain}/xend-config.sxp", + "puppet:///modules/site_virtual/xen/config/${operatingsystem}/xend-config.sxp", + "puppet:///modules/site_virtual/xen/config/${operatingsystem}/${lsbdistcodeename}/xend-config.sxp", + "puppet:///modules/site_virtual/xen/config/xend-config.sxp", + "puppet:///modules/virtual/xen/config/${operatingsystem}/xend-config.sxp", + "puppet:///modules/virtual/xen/config/xend-config.sxp" ], + notify => Service['xend'], + owner => root, group => 0, mode => 0644; + } +} diff --git a/manifests/xen/domain/centos.pp b/manifests/xen/domain/centos.pp new file mode 100644 index 0000000..bd01338 --- /dev/null +++ b/manifests/xen/domain/centos.pp @@ -0,0 +1,32 @@ +class virtual::xen::domain::centos inherits xen::domain::base { + package{ 'kernel-xen': + ensure => present, + } + + Service[xend]{ + require => Package['kernel-xen'], + } + + file{'/etc/sysconfig/xend': + source => "puppet:///modules/virtual/xen/${operatingsystem}/sysconfig/xend", + notify => Service['xend'], + owner => root, group => 0, mode => 0644; + } + + file{'/etc/sysconfig/xendomains': + source => "puppet:///modules/virtual/xen/${operatingsystem}/sysconfig/xendomains", + owner => root, group => 0, mode => 0644; + } + + case $xen_domains { + '0': { info("No xen domains are running, so not configuring service xendomains") } + default: { + Service[xendomains]{ + require => Package['kernel-xen'], + } + File['/etc/sysconfig/xendomains']{ + notify => Service[xendomains] + } + } + } +} diff --git a/manifests/xen/domain/debian.pp b/manifests/xen/domain/debian.pp new file mode 100644 index 0000000..8c916c8 --- /dev/null +++ b/manifests/xen/domain/debian.pp @@ -0,0 +1,22 @@ +class virtual::xen::domain::debian inherits xen::domain::base { + case $lsbdistcodename { + "lenny": { + $xen_linux_system = $architecture ? { + amd64 => "xen-linux-system-2.6.26-2-xen-amd64", + i386 => "xen-linux-system-2.6.26-2-xen-686" + } + } + "squeeze": { + $xen_linux_system = $architecture ? { + /(amd64|x86_64)/ => "xen-linux-system-2.6.32-5-xen-amd64", + i386 => "xen-linux-system-2.6.32-5-xen-686" + } + } + } + + package { + "$xen_linux_system": + ensure => present, + alias => "xen-linux-system"; + } +} diff --git a/manifests/xen/munin/plugins.pp b/manifests/xen/munin/plugins.pp new file mode 100644 index 0000000..00982ce --- /dev/null +++ b/manifests/xen/munin/plugins.pp @@ -0,0 +1,15 @@ +class virtual::xen::munin::plugins { + munin::remoteplugin { + xen-multi: + source => "puppet:///modules/virtual/munin/xen_mem", + config => "user root", + ensure => absent; + xen_vm: + source => "puppet:///modules/virtual/munin/xen_vm", + config => "user root", + ensure => absent; + 'xen-multi': + source => 'puppet:///modules/virtual/munin/xen-multi', + config => 'user root'; + } +} |