aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--manifests/init.pp8
-rw-r--r--manifests/openvpn.pp54
-rw-r--r--manifests/openvpn/base.pp5
-rw-r--r--manifests/openvpn/host.pp16
-rw-r--r--manifests/openvpn/host_base.pp10
-rw-r--r--manifests/openvpn/interface.pp10
-rw-r--r--manifests/openvpn/server.pp10
-rw-r--r--manifests/vserver.pp623
-rw-r--r--manifests/vserver/cflags.pp35
-rw-r--r--manifests/vserver/host.pp134
-rw-r--r--manifests/vserver/instance.pp89
-rw-r--r--manifests/vserver/interface.pp46
-rw-r--r--manifests/vserver/ip.pp9
-rw-r--r--manifests/vserver/ip/binding.pp19
-rw-r--r--manifests/vserver/rlimit.pp48
-rw-r--r--manifests/vserver/sched.pp199
-rw-r--r--manifests/xen.pp160
-rw-r--r--manifests/xen/dom0.pp7
-rw-r--r--manifests/xen/dom0/base.pp1
-rw-r--r--manifests/xen/dom0/centos.pp5
-rw-r--r--manifests/xen/dom0/debian.pp27
-rw-r--r--manifests/xen/domain.pp12
-rw-r--r--manifests/xen/domain/base.pp31
-rw-r--r--manifests/xen/domain/centos.pp32
-rw-r--r--manifests/xen/domain/debian.pp22
-rw-r--r--manifests/xen/munin/plugins.pp15
26 files changed, 823 insertions, 804 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index 6853fd0..42f6d4b 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -3,8 +3,6 @@
# See LICENSE for the full license granted to you.
# Based on the work of abnormaliti on http://reductivelabs.com/trac/puppet/wiki/VirtualRecipe
-module_dir{ "virtual": }
-
-import "vserver.pp"
-import "openvpn.pp"
-import "xen.pp"
+class virtual {
+ module_dir{ "virtual": }
+}
diff --git a/manifests/openvpn.pp b/manifests/openvpn.pp
deleted file mode 100644
index 5aa8d92..0000000
--- a/manifests/openvpn.pp
+++ /dev/null
@@ -1,54 +0,0 @@
-# openvpn.pp -- create a "virtual" OpenVPN Server within a vserver
-# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
-# See LICENSE for the full license granted to you.
-
-# configures the specified vserver for openvpn hosting
-# see also http://oldwiki.linux-vserver.org/some_hints_from_john
-# and http://linux-vserver.org/Frequently_Asked_Questions#Can_I_run_an_OpenVPN_Server_in_a_guest.3F
-
-class virtual::openvpn::base {
- include openvpn
- module_dir { "virtual/openvpn": }
-}
-
-class virtual::openvpn::host_base inherits virtual::openvpn::base {
- file {
- "/var/lib/puppet/modules/virtual/openvpn/create_interface":
- source => "puppet:///modules/virtual/create_openvpn_interface",
- mode => 0755, owner => root, group => 0;
- "/var/lib/puppet/modules/virtual/openvpn/destroy_interface":
- source => "puppet:///modules/virtual/destroy_openvpn_interface",
- mode => 0755, owner => root, group => 0;
- }
-}
-
-define virtual::openvpn::host() {
- include virtual::openvpn::host_base
- exec { "mktun for ${name}":
- command => "./MAKEDEV tun",
- cwd => "/etc/vservers/${name}/vdir/dev",
- creates => "/etc/vservers/${name}/vdir/dev/net/tun";
- }
-}
-
-# this configures a specific tun interface for the given subnet
-define virtual::openvpn::interface($subnet) {
- # create and setup the interface if it doesn't exist already
- # this is a "bit" coarse grained but works for me
- ifupdown::manual {
- $name:
- up => "/var/lib/puppet/modules/virtual/openvpn/create_interface ${name} ${subnet}",
- down => "/var/lib/puppet/modules/virtual/openvpn/destroy_interface ${name} ${subnet}"
- }
-}
-
-# actually setup the openvpn server within a vserver
-define virtual::openvpn::server($config) {
- include virtual::openvpn::base
- file {
- "/etc/openvpn/${name}.conf":
- ensure => present, content => $config,
- mode => 0644, owner => root, group => 0,
- notify => Service['openvpn'];
- }
-}
diff --git a/manifests/openvpn/base.pp b/manifests/openvpn/base.pp
new file mode 100644
index 0000000..0342ca3
--- /dev/null
+++ b/manifests/openvpn/base.pp
@@ -0,0 +1,5 @@
+class virtual::openvpn::base {
+ include openvpn
+ include virtual
+ module_dir { "virtual/openvpn": }
+}
diff --git a/manifests/openvpn/host.pp b/manifests/openvpn/host.pp
new file mode 100644
index 0000000..3d126db
--- /dev/null
+++ b/manifests/openvpn/host.pp
@@ -0,0 +1,16 @@
+# openvpn.pp -- create a "virtual" OpenVPN Server within a vserver
+# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
+# See LICENSE for the full license granted to you.
+
+# configures the specified vserver for openvpn hosting
+# see also http://oldwiki.linux-vserver.org/some_hints_from_john
+# and http://linux-vserver.org/Frequently_Asked_Questions#Can_I_run_an_OpenVPN_Server_in_a_guest.3F
+
+define virtual::openvpn::host() {
+ include virtual::openvpn::host_base
+ exec { "mktun for ${name}":
+ command => "./MAKEDEV tun",
+ cwd => "/etc/vservers/${name}/vdir/dev",
+ creates => "/etc/vservers/${name}/vdir/dev/net/tun";
+ }
+}
diff --git a/manifests/openvpn/host_base.pp b/manifests/openvpn/host_base.pp
new file mode 100644
index 0000000..072a8a7
--- /dev/null
+++ b/manifests/openvpn/host_base.pp
@@ -0,0 +1,10 @@
+class virtual::openvpn::host_base inherits virtual::openvpn::base {
+ file {
+ "/var/lib/puppet/modules/virtual/openvpn/create_interface":
+ source => "puppet:///modules/virtual/create_openvpn_interface",
+ mode => 0755, owner => root, group => 0;
+ "/var/lib/puppet/modules/virtual/openvpn/destroy_interface":
+ source => "puppet:///modules/virtual/destroy_openvpn_interface",
+ mode => 0755, owner => root, group => 0;
+ }
+}
diff --git a/manifests/openvpn/interface.pp b/manifests/openvpn/interface.pp
new file mode 100644
index 0000000..60c61e2
--- /dev/null
+++ b/manifests/openvpn/interface.pp
@@ -0,0 +1,10 @@
+# this configures a specific tun interface for the given subnet
+define virtual::openvpn::interface($subnet) {
+ # create and setup the interface if it doesn't exist already
+ # this is a "bit" coarse grained but works for me
+ ifupdown::manual {
+ $name:
+ up => "/var/lib/puppet/modules/virtual/openvpn/create_interface ${name} ${subnet}",
+ down => "/var/lib/puppet/modules/virtual/openvpn/destroy_interface ${name} ${subnet}"
+ }
+}
diff --git a/manifests/openvpn/server.pp b/manifests/openvpn/server.pp
new file mode 100644
index 0000000..b31f80b
--- /dev/null
+++ b/manifests/openvpn/server.pp
@@ -0,0 +1,10 @@
+# actually setup the openvpn server within a vserver
+define virtual::openvpn::server($config) {
+ include virtual::openvpn::base
+ file {
+ "/etc/openvpn/${name}.conf":
+ ensure => present, content => $config,
+ mode => 0644, owner => root, group => 0,
+ notify => Service['openvpn'];
+ }
+}
diff --git a/manifests/vserver.pp b/manifests/vserver.pp
index 36a934a..991bebd 100644
--- a/manifests/vserver.pp
+++ b/manifests/vserver.pp
@@ -2,207 +2,18 @@
# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
# See LICENSE for the full license granted to you.
-module_dir{ "virtual/contexts": }
-
-class vserver::host($vdirbase = "/var/lib/vservers") {
-
- # make sure we have the ability to query for lsbdistcodename
- include lsb
-
- $utilvserver_version = $lsbdistcodename ? {
- etch => "0.30.216~r2772-6~bpo40+1",
- lenny => latest,
- default => latest,
- }
-
- package {
- "util-vserver":
- ensure => $utilvserver_version;
-
- debootstrap:
- ensure => installed
- }
-
- file {
- "/etc/vservers":
- ensure => directory,
- require => Package["util-vserver"];
-
- "/etc/vservers/local-interfaces":
- ensure => directory,
- mode => 0755, owner => root, group => root,
- require => File["/etc/vservers"];
-
- "/usr/local/bin/build_vserver":
- source => "puppet:///modules/virtual/vserver/build_vserver",
- mode => 0755, owner => root, group => root,
- require => [ Package['util-vserver'], Package[debootstrap]];
-
- "/etc/vservers/.defaults/vdirbase":
- ensure => $vdirbase,
- require => File[$vdirbase];
-
- "$vdirbase":
- ensure => directory,
- mode => 000, owner => root, group => root;
-
- # perhaps we should use hashify.
- # but i'm commenting this out until we learn how to properly use in case we want to use it.
- #"/etc/cron.daily/vserver-hashify":
- # source => "puppet:///virtual/hashify.cron.daily",
- # mode => 0755, owner => root, group => root;
- }
-
- # remove dummy interfaces on the host
- line { modules_dummy:
- file => "/etc/modules",
- line => "^dummy",
- ensure => absent,
- }
-
- # Remove these dummy interfaces, they are annoying and we dont need them
- file {
- "/etc/modprobe.d/local-dummy":
- ensure => absent,
- mode => 0644, owner => root, group => root;
- }
-
- # Setup some plugins if munin is enabled in the system
- case $virtual_munin {
- false: {}
- default: {
- file {
- "/usr/local/share/munin-plugins/vserver_resources":
- source => "puppet:///modules/virtual/munin/vserver_resources",
- mode => 0755, owner => root, group => root;
-
- "/usr/local/share/munin-plugins/vserver_cpu_":
- source => "puppet:///modules/virtual/munin/vserver_cpu_",
- mode => 0755, owner => root, group => root;
-
- "/usr/local/share/munin-plugins/vserver_loadavg":
- source => "puppet:///modules/virtual/munin/vserver_loadavg",
- mode => 0755, owner => root, group => root;
- }
- }
- }
-
- # Setup some plugins if munin is enabled in the system
- case $virtual_munin {
- false: {}
- default: {
- # This creates a load average graph combining the individual load averages of each vserver on the host
- munin::plugin {
- "vserver_loadavg":
- config => "user root\n",
- script_path_in => "/usr/local/share/munin-plugins";
- }
-
- # This creates a RSS graph for each vserver on the host (note after more than 4 vservers this can get noisy)
- munin::plugin {
- "vserver_resources_RSS":
- ensure => "vserver_resources",
- config => "user root\nenv.resource RSS",
- script_path_in => "/usr/local/share/munin-plugins";
- }
-
- # This creates a VM graph for each vserver on the host (note after more than 4 vservers this can get noisy)
- munin::plugin {
- "vserver_resources_VM":
- ensure => "vserver_resources",
- config => "user root\nenv.resource VM",
- script_path_in => "/usr/local/share/munin-plugins";
- }
-
- # This creates a VM graph for each vserver on the host (note after more than 4 vservers this can get noisy)
- munin::plugin {
- "vserver_cpu_":
- config => "user root\n",
- script_path_in => "/usr/local/share/munin-plugins";
- }
- }
- }
-}
-
-define vs_create($in_domain, $context, $legacy = false, $distro = 'squeeze',
- $debootstrap_mirror = 'http://cdn.debian.net/debian',
- $hostname = false, $interface = false,
- $memory_limit = false) {
- $vs_name = $legacy ? { true => $name, false => $in_domain ? { '' => $name, default => "${name}.${in_domain}" } }
- $vs_hostname = $hostname ? { false => 'none', default => $hostname }
- $vs_interface = $interface ? { false => 'none', default => $interface }
-
- case $vs_name { '': { fail ( "Cannot create VServer with empty name" ) } }
-
- case $legacy {
- true: {
- exec { "/bin/false # cannot create legacy vserver ${vs_name}":
- creates => "/etc/vservers/${vs_name}",
- alias => "vs_create_${vs_name}"
- }
- }
- false: {
- exec { "/usr/local/bin/build_vserver \"${vs_name}\" ${context} ${distro} ${debootstrap_mirror} ${vs_hostname} ${vs_interface} ${memory_limit}":
- creates => "/etc/vservers/${vs_name}",
- require => File["/usr/local/bin/build_vserver","/etc/vservers/.defaults/vdirbase"],
- alias => "vs_create_${vs_name}",
- # TODO: change when this is fixed: http://projects.puppetlabs.com/issues/4769
- timeout => $lsbdistcodename ? { "squeeze" => '31536000', # 1 year
- default => '-1', },
- }
- }
- }
-
- file { "/etc/vservers/${vs_name}/rlimits":
- ensure => directory,
- mode => 0755, owner => root, group => root,
- require => Exec["vs_create_${vs_name}"],
- }
-
- case $memory_limit {
- false: {
- file { "/etc/vservers/${vs_name}/rlimits/rss.hard":
- mode => 0644, owner => root, group => root,
- ensure => absent,
- }
-
- file { "/etc/vservers/${vs_name}/rlimits/rss.soft":
- mode => 0644, owner => root, group => root,
- ensure => absent,
- }
-
- vs_cflags { "${vs_name}-virt_mem":
- vserver => $vs_name,
- flag => "virt_mem",
- ensure => absent,
- }
- }
- default: {
- file { "/etc/vservers/${vs_name}/rlimits/rss.hard":
- mode => 0644, owner => root, group => root,
- content => template("virtual/rss.hard.erb"),
- require => File["/etc/vservers/${vs_name}/rlimits"],
- }
-
- file { "/etc/vservers/${vs_name}/rlimits/rss.soft":
- mode => 0644, owner => root, group => root,
- content => template("virtual/rss.soft.erb"),
- require => File["/etc/vservers/${vs_name}/rlimits"],
- }
-
- vs_cflags { "${vs_name}-virt_mem":
- vserver => $vs_name,
- flag => "virt_mem",
- ensure => present,
- require => Exec["vs_create_${vs_name}"],
- }
- }
- }
-}
-
# ensure: present, stopped, running
-define vserver($ensure, $context, $in_domain = '', $mark = '', $legacy = false, $distro = 'etch',
- $hostname = false, $interface = false, $memory_limit = false) {
+define virtual::vserver(
+ $context,
+ $ensure = present,
+ $in_domain = '',
+ $mark = '',
+ $legacy = false,
+ $distro = 'etch',
+ $hostname = false,
+ $interface = false,
+ $memory_limit = false
+) {
case $in_domain { '': {}
default: { err("${fqdn}: vserver ${name} uses deprecated \$in_domain" ) }
}
@@ -215,79 +26,38 @@ define vserver($ensure, $context, $in_domain = '', $mark = '', $legacy = false,
$if_dir = "/etc/vservers/${vs_name}/interfaces"
$mark_file = "/etc/vservers/${vs_name}/apps/init/mark"
- # TODO: wasn't there a syntax for using arrays as case selectors??
- case $ensure {
- present: {
- vs_create{ $name:
- in_domain => $in_domain,
- context => $context,
- legacy => $legacy,
- distro => $distro,
- hostname => $hostname,
- interface => $interface,
- memory_limit => $memory_limit,
- }
- }
- running: {
- vs_create{ $name:
- in_domain => $in_domain,
- context => $context,
- legacy => $legacy,
- distro => $distro,
- hostname => $hostname,
- interface => $interface,
- memory_limit => $memory_limit,
- }
- }
- stopped: {
- vs_create{ $name:
- in_domain => $in_domain,
- context => $context,
- legacy => $legacy,
- distro => $distro,
- hostname => $hostname,
- interface => $interface,
- memory_limit => $memory_limit,
- }
- }
- delete: {
- vs_create{ $name:
- in_domain => $in_domain,
- context => $context,
- legacy => $legacy,
- distro => $distro,
- hostname => $hostname,
- interface => $interface,
- memory_limit => $memory_limit,
- }
- }
- default: {
- err("${fqdn}: vserver(${vs_name}): unknown ensure '${ensure}'")
- }
+ virtual::vserver::instance { $name:
+ in_domain => $in_domain,
+ context => $context,
+ legacy => $legacy,
+ distro => $distro,
+ hostname => $hostname,
+ interface => $interface,
+ memory_limit => $memory_limit,
}
file {
$if_dir:
ensure => directory, checksum => mtime,
- require => Exec["vs_create_${vs_name}"];
+ require => Exec["vserver_instance_${vs_name}"];
}
config_file {
"/etc/vservers/${vs_name}/context":
content => "${context}\n",
- notify => Exec["vs_restart_${vs_name}"],
- require => Exec["vs_create_${vs_name}"];
+ notify => Exec["vs_restart_${vs_name}"],
+ require => Exec["vserver_instance_${vs_name}"];
# create illegal configuration, when two vservers have the same context
# number
"/var/lib/puppet/modules/virtual/contexts/${context}":
content => "\n";
"/etc/vservers/${vs_name}/uts/nodename":
content => "${nodename}\n",
- notify => Exec["vs_restart_${vs_name}"],
- require => Exec["vs_create_${vs_name}"];
+ notify => Exec["vs_restart_${vs_name}"],
+ require => Exec["vserver_instance_${vs_name}"];
"/etc/vservers/${vs_name}/name":
content => "${vs_name}\n",
- require => Exec["vs_create_${vs_name}"];
+ require => Exec["vserver_instance_${vs_name}"];
}
# ensure a secure chroot barrier
@@ -295,23 +65,23 @@ define vserver($ensure, $context, $in_domain = '', $mark = '', $legacy = false,
# http://linux-vserver.org/Secure_chroot_Barrier#Solution:_Secure_Barrier
exec { "/usr/sbin/setattr --barrier /etc/vservers/${vs_name}/vdir/../":
unless => "/usr/sbin/showattr /etc/vservers/${vs_name}/vdir/../ | grep -- '----Bui- /etc/vservers/${vs_name}/vdir/../$'",
- require => Exec["vs_create_${vs_name}"],
+ require => Exec["vserver_instance_${vs_name}"],
}
case $ensure {
present: {
# don't start or stop the vserver, just make sure it exists, we just run a dummy status test here
exec { "/usr/bin/test -e \$(readlink -f /etc/vservers/${vs_name}/vdir)":
- require => Exec["vs_create_${vs_name}"],
- alias => "vs_restart_${vs_name}",
+ require => Exec["vserver_instance_${vs_name}"],
+ alias => "vs_restart_${vs_name}",
}
}
stopped: {
exec { "/usr/sbin/vserver ${vs_name} stop":
- onlyif => "/usr/bin/test -e \$(readlink -f /etc/vservers/${vs_name}/run || echo /doesntexist )",
- require => Exec["vs_create_${vs_name}"],
+ onlyif => "/usr/bin/test -e \$(readlink -f /etc/vservers/${vs_name}/run || echo /doesntexist )",
+ require => Exec["vserver_instance_${vs_name}"],
# fake the restart exec in the stopped case, so the dependencies are fulfilled
- alias => "vs_restart_${vs_name}",
+ alias => "vs_restart_${vs_name}",
}
file { $mark_file: ensure => absent, }
}
@@ -322,14 +92,14 @@ define vserver($ensure, $context, $in_domain = '', $mark = '', $legacy = false,
}
running: {
exec { "/usr/sbin/vserver ${vs_name} start":
- unless => "/usr/bin/test -e \$(readlink -f /etc/vservers/${vs_name}/run)",
- require => [ Exec["vs_create_${vs_name}"], File["/etc/vservers/${vs_name}/context"] ],
+ unless => "/usr/bin/test -e \$(readlink -f /etc/vservers/${vs_name}/run)",
+ require => [ Exec["vserver_instance_${vs_name}"], File["/etc/vservers/${vs_name}/context"] ],
}
exec { "/usr/sbin/vserver ${vs_name} restart":
refreshonly => true,
- require => Exec["vs_create_${vs_name}"],
- alias => "vs_restart_${vs_name}",
- subscribe => File[$if_dir],
+ require => Exec["vserver_instance_${vs_name}"],
+ alias => "vs_restart_${vs_name}",
+ subscribe => File[$if_dir],
}
case $mark {
@@ -340,330 +110,13 @@ define vserver($ensure, $context, $in_domain = '', $mark = '', $legacy = false,
default: {
config_file { "/etc/vservers/${vs_name}/apps/init/mark":
content => "${mark}\n",
- require => Exec["vs_create_${vs_name}"],
+ require => Exec["vserver_instance_${vs_name}"],
}
}
}
}
- }
-}
-
-# Changing stuff with this define won't do much good, since it relies on
-# restarting the vservers to do the work, which won't clean up orphaned
-# interfaces
-define vs_interface($prefix = 24, $dev = '') {
-
- file {
- "/etc/vservers/local-interfaces/${name}":
- ensure => directory,
- mode => 0755, owner => root, group => root;
- "/etc/vservers/local-interfaces/${name}/ip":
- content => "${name}\n",
- mode => 0644, owner => root, group => root;
- "/etc/vservers/local-interfaces/${name}/prefix":
- content => "${prefix}\n",
- mode => 0644, owner => root, group => root;
- }
-
- case $dev {
- '': {
- file {
- "/etc/vservers/local-interfaces/${name}/nodev":
- ensure => present,
- mode => 0644, owner => root, group => root;
- "/etc/vservers/local-interfaces/${name}/dev":
- ensure => absent;
- }
- }
- default: {
- config_file { "/etc/vservers/local-interfaces/${name}/dev": content => $dev, }
- file { "/etc/vservers/local-interfaces/${name}/nodev": ensure => absent, }
- }
- }
-}
-
-define vs_ip($vserver, $ip, $ensure) {
- err("$fqdn is using deprecated vs_ip instead of vs_ip_binding for $name")
- vs_ip_binding { $name: vserver => $vserver, ip => $ip, ensure => $ensure }
-}
-
-define vs_ip_binding($vserver, $ip, $ensure) {
- case $ensure {
- connected: {
- file { "/etc/vservers/${vserver}/interfaces/${name}":
- ensure => "/etc/vservers/local-interfaces/${ip}/",
- require => [ File["/etc/vservers/local-interfaces/${ip}"], Exec["vs_create_${vserver}"] ],
- notify => Exec["vs_restart_${vserver}"],
- }
- }
- disconnected: {
- file { "/etc/vservers/${vserver}/interfaces/${name}":
- ensure => absent,
- }
- }
- default: {
- err( "${fqdn}: vs_ip: ${vserver} -> ${ip}: unknown ensure: '${ensure}'" )
- }
- }
-}
-
-define vs_sched($ensure = present, $fill_rate = '', $fill_rate2 = '',
- $interval = '', $interval2 = '', $tokens_min = '', $tokens_max = '',
- $tokens = '', $idle_time = false, $priority_bias = '') {
-
- file { "/etc/vservers/${name}/sched":
- ensure => directory,
- owner => root,
- group => root,
- mode => 0755,
- }
-
- case $fill_rate {
- '': {
- file { "/etc/vservers/${name}/sched/fill-rate":
- ensure => absent,
- }
- }
- default: {
- $set_fill_rate = "--fill-rate $fill_rate"
-
- file { "/etc/vservers/${name}/sched/fill-rate":
- ensure => $ensure,
- content => "$fill_rate\n",
- require => File["/etc/vservers/${name}/sched"],
- }
- }
- }
-
- case $fill_rate2 {
- '': {
- file { "/etc/vservers/${name}/sched/fill-rate2":
- ensure => absent,
- }
- }
- default: {
- $set_fill_rate2 = "--fill-rate2 $fill_rate2"
-
- file { "/etc/vservers/${name}/sched/fill-rate2":
- ensure => $ensure,
- content => "$fill_rate2\n",
- require => File["/etc/vservers/${name}/sched"],
- }
- }
- }
-
- case $interval {
- '': {
- file { "/etc/vservers/${name}/sched/interval":
- ensure => absent,
- }
- }
- default: {
- $set_interval = "--interval $interval"
-
- file { "/etc/vservers/${name}/sched/interval":
- ensure => $ensure,
- content => "$interval\n",
- require => File["/etc/vservers/${name}/sched"],
- }
- }
- }
-
- case $interval2 {
- '': {
- file { "/etc/vservers/${name}/sched/interval2":
- ensure => absent,
- }
- }
- default: {
- $set_interval2 = "--interval2 $interval2"
-
- file { "/etc/vservers/${name}/sched/interval2":
- ensure => $ensure,
- content => "$interval2\n",
- require => File["/etc/vservers/${name}/sched"],
- }
- }
- }
-
- case $tokens_min {
- '': {
- file { "/etc/vservers/${name}/sched/tokens-min":
- ensure => absent,
- }
- }
- default: {
- $set_tokens_min = "--tokens-min $tokens_min"
-
- file { "/etc/vservers/${name}/sched/tokens-min":
- ensure => $ensure,
- content => "$tokens_min\n",
- require => File["/etc/vservers/${name}/sched"],
- }
- }
- }
-
- case $tokens_max {
- '': {
- file { "/etc/vservers/${name}/sched/tokens-max":
- ensure => absent,
- }
- }
- default: {
- $set_tokens_max = "--tokens-max $tokens_max"
-
- file { "/etc/vservers/${name}/sched/tokens-max":
- ensure => $ensure,
- content => "$tokens_max\n",
- require => File["/etc/vservers/${name}/sched"],
- }
- }
- }
-
- case $tokens {
- '': {
- file { "/etc/vservers/${name}/sched/tokens":
- ensure => absent,
- }
- }
- default: {
- $set_tokens = "--tokens $tokens"
-
- file { "/etc/vservers/${name}/sched/tokens":
- ensure => $ensure,
- content => "$tokens\n",
- require => File["/etc/vservers/${name}/sched"],
- }
- }
- }
-
- case $priority_bias {
- '': {
- file { "/etc/vservers/${name}/sched/priority-bias":
- ensure => absent,
- }
- }
- default: {
- $set_priority_bias = "--prio-bias $priority_bias"
-
- file { "/etc/vservers/${name}/sched/priority-bias":
- ensure => $ensure,
- content => "$priority_bias\n",
- require => File["/etc/vservers/${name}/sched"],
- }
- }
- }
-
- case $idle_time {
- true: {
- $set_idle_time = "--idle-time"
-
- file { "/etc/vservers/${name}/sched/idle-time":
- ensure => $ensure,
- }
- }
default: {
- file { "/etc/vservers/${name}/sched/idle-time":
- ensure => absent,
- }
+ err("${fqdn}: vserver(${vs_name}): unknown ensure '${ensure}'")
}
}
-
- vs_cflags { "${name}-sched_hard":
- vserver => $name,
- flag => "sched_hard",
- ensure => $ensure,
- }
-
- vs_cflags { "${name}-sched_prio":
- vserver => $name,
- flag => "sched_prio",
- ensure => $ensure,
- }
-
- case $ensure {
- present: {
-
- $vsched_params = "$set_fill_rate $set_fill_rate2 $set_interval $set_interval2 $set_tokens_min $set_tokens_max $set_tokens $set_idle_time $set_priority_bias"
-
- exec { "/usr/sbin/vsched --xid `cat /etc/vservers/$name/context` ${vsched_params} --force":
- subscribe => File["/etc/vservers/$name/sched/fill-rate", "/etc/vservers/$name/sched/fill-rate2",
- "/etc/vservers/$name/sched/interval", "/etc/vservers/$name/sched/interval2",
- "/etc/vservers/$name/sched/tokens-min", "/etc/vservers/$name/sched/tokens-max",
- "/etc/vservers/$name/sched/tokens", "/etc/vservers/$name/sched/idle-time"],
- refreshonly => true,
- require => Exec["vs_create_${name}"],
- }
- }
- }
-}
-
-define vs_cflags($vserver, $flag, $ensure = present) {
- if ! defined(File["/etc/vservers/${vserver}/cflags"]) {
- file { "/etc/vservers/${vserver}/cflags":
- ensure => present,
- }
- }
-
- line {"vs_cflags-${vserver}-${flag}":
- ensure => $ensure,
- file => "/etc/vservers/${vserver}/cflags",
- line => "${flag}",
- require => Exec["vs_create_${vserver}"],
- notify => Exec["vattribute-${vserver}-${flag}"],
- }
-
- case $ensure {
- present: {
- exec { "/usr/sbin/vattribute-${vserver}-${flag}":
- command => "vattribute --set --xid `cat /etc/vservers/$vserver/context` --flag ${flag}",
- refreshonly => true,
- require => Exec["vs_create_${vserver}"],
- alias => "vattribute-${vserver}-${flag}",
- }
- }
- default: {
- exec { "/usr/sbin/vattribute-${vserver}-${flag}":
- command => "vattribute --set --xid `cat /etc/vservers/$vserver/context` --flag ~${flag}",
- refreshonly => true,
- require => Exec["vs_create_${vserver}"],
- alias => "vattribute-${vserver}-${flag}",
- }
- }
- }
-}
-
-define vs_rlimit($vserver, $limit, $soft = '', $hard = '', $min = '', $ensure = present) {
- file { "/etc/vservers/${vserver}/rlimits/$limit.soft":
- mode => 0644, owner => root, group => root,
- content => "$soft\n",
- ensure => $soft ? {
- '' => absent,
- default => $ensure,
- },
- require => File["/etc/vservers/${vserver}/rlimits"],
- notify => Exec["vs_restart_${vserver}"],
- }
-
- file { "/etc/vservers/${vserver}/rlimits/$limit.hard":
- mode => 0644, owner => root, group => root,
- content => "$hard\n",
- ensure => $hard ? {
- '' => absent,
- default => $ensure,
- },
- require => File["/etc/vservers/${vserver}/rlimits"],
- notify => Exec["vs_restart_${vserver}"],
- }
-
- file { "/etc/vservers/${vserver}/rlimits/$limit.min":
- mode => 0644, owner => root, group => root,
- content => "$min\n",
- ensure => $min? {
- '' => absent,
- default => $ensure,
- },
- require => File["/etc/vservers/${vserver}/rlimits"],
- notify => Exec["vs_restart_${vserver}"],
- }
}
diff --git a/manifests/vserver/cflags.pp b/manifests/vserver/cflags.pp
new file mode 100644
index 0000000..c6df50f
--- /dev/null
+++ b/manifests/vserver/cflags.pp
@@ -0,0 +1,35 @@
+define virtual::vserver::cflags($vserver, $flag, $ensure = present) {
+ if ! defined(File["/etc/vservers/${vserver}/cflags"]) {
+ file { "/etc/vservers/${vserver}/cflags":
+ ensure => present,
+ }
+ }
+
+ line {"vs_cflags-${vserver}-${flag}":
+ ensure => $ensure,
+ file => "/etc/vservers/${vserver}/cflags",
+ line => "${flag}",
+ require => Exec["vserver_instance_${vserver}"],
+ notify => Exec["vattribute-${vserver}-${flag}"],
+ }
+
+ case $ensure {
+ present: {
+ exec { "/usr/sbin/vattribute-${vserver}-${flag}":
+ command => "vattribute --set --xid `cat /etc/vservers/$vserver/context` --flag ${flag}",
+ refreshonly => true,
+ require => Exec["vserver_instance_${vserver}"],
+ alias => "vattribute-${vserver}-${flag}",
+ }
+ }
+ default: {
+ exec { "/usr/sbin/vattribute-${vserver}-${flag}":
+ command => "vattribute --set --xid `cat /etc/vservers/$vserver/context` --flag ~${flag}",
+ refreshonly => true,
+ require => Exec["vserver_instance_${vserver}"],
+ alias => "vattribute-${vserver}-${flag}",
+ }
+ }
+ }
+}
+
diff --git a/manifests/vserver/host.pp b/manifests/vserver/host.pp
new file mode 100644
index 0000000..69718dd
--- /dev/null
+++ b/manifests/vserver/host.pp
@@ -0,0 +1,134 @@
+class virtual::vserver::host($vdirbase = "/var/lib/vservers") {
+ include virtual
+
+ module_dir{ "virtual/contexts": }
+
+ # make sure we have the ability to query for lsbdistcodename
+ include lsb
+
+ $utilvserver_version = $lsbdistcodename ? {
+ etch => "0.30.216~r2772-6~bpo40+1",
+ lenny => latest,
+ default => latest,
+ }
+
+ package {
+ "util-vserver":
+ ensure => $utilvserver_version;
+
+ debootstrap:
+ ensure => installed
+ }
+
+ file {
+ "/etc/vservers":
+ ensure => directory,
+ require => Package["util-vserver"];
+
+ "/etc/vservers/local-interfaces":
+ ensure => directory,
+ mode => 0755,
+ owner => root,
+ group => root,
+ require => File["/etc/vservers"];
+
+ "/usr/local/bin/build_vserver":
+ source => "puppet:///modules/virtual/vserver/build_vserver",
+ mode => 0755,
+ owner => root,
+ group => root,
+ require => [ Package['util-vserver'], Package[debootstrap]];
+
+ "/etc/vservers/.defaults/vdirbase":
+ ensure => $vdirbase,
+ require => File[$vdirbase];
+
+ "$vdirbase":
+ ensure => directory,
+ mode => 000,
+ owner => root,
+ group => root;
+
+ # perhaps we should use hashify.
+ # but i'm commenting this out until we learn how to properly use in case we want to use it.
+ #"/etc/cron.daily/vserver-hashify":
+ # source => "puppet:///virtual/hashify.cron.daily",
+ # mode => 0755, owner => root, group => root;
+ }
+
+ # remove dummy interfaces on the host
+ line { modules_dummy:
+ file => "/etc/modules",
+ line => "^dummy",
+ ensure => absent,
+ }
+
+ # Remove these dummy interfaces, they are annoying and we dont need them
+ file {
+ "/etc/modprobe.d/local-dummy":
+ ensure => absent,
+ mode => 0644, owner => root, group => root;
+ }
+
+ # Setup some plugins if munin is enabled in the system
+ case $virtual_munin {
+ false: {}
+ default: {
+ file {
+ "/usr/local/share/munin-plugins/vserver_resources":
+ source => "puppet:///modules/virtual/munin/vserver_resources",
+ mode => 0755,
+ owner => root,
+ group => root;
+
+ "/usr/local/share/munin-plugins/vserver_cpu_":
+ source => "puppet:///modules/virtual/munin/vserver_cpu_",
+ mode => 0755,
+ owner => root,
+ group => root;
+
+ "/usr/local/share/munin-plugins/vserver_loadavg":
+ source => "puppet:///modules/virtual/munin/vserver_loadavg",
+ mode => 0755,
+ owner => root,
+ group => root;
+ }
+ }
+ }
+
+ # Setup some plugins if munin is enabled in the system
+ case $virtual_munin {
+ false: {}
+ default: {
+ # This creates a load average graph combining the individual load averages of each vserver on the host
+ munin::plugin {
+ "vserver_loadavg":
+ config => "user root\n",
+ script_path_in => "/usr/local/share/munin-plugins";
+ }
+
+ # This creates a RSS graph for each vserver on the host (note after more than 4 vservers this can get noisy)
+ munin::plugin {
+ "vserver_resources_RSS":
+ ensure => "vserver_resources",
+ config => "user root\nenv.resource RSS",
+ script_path_in => "/usr/local/share/munin-plugins";
+ }
+
+ # This creates a VM graph for each vserver on the host (note after more than 4 vservers this can get noisy)
+ munin::plugin {
+ "vserver_resources_VM":
+ ensure => "vserver_resources",
+ config => "user root\nenv.resource VM",
+ script_path_in => "/usr/local/share/munin-plugins";
+ }
+
+ # This creates a VM graph for each vserver on the host (note after more than 4 vservers this can get noisy)
+ munin::plugin {
+ "vserver_cpu_":
+ config => "user root\n",
+ script_path_in => "/usr/local/share/munin-plugins";
+ }
+ }
+ }
+}
diff --git a/manifests/vserver/instance.pp b/manifests/vserver/instance.pp
new file mode 100644
index 0000000..3ec9130
--- /dev/null
+++ b/manifests/vserver/instance.pp
@@ -0,0 +1,89 @@
+define virtual::vserver::instance(
+ $in_domain,
+ $context,
+ $legacy = false,
+ $distro = 'jessie',
+ $debootstrap_mirror = 'http://cdn.debian.net/debian',
+ $hostname = false,
+ $interface = false,
+ $memory_limit = false
+) {
+ $vs_name = $legacy ? { true => $name, false => $in_domain ? { '' => $name, default => "${name}.${in_domain}" } }
+ $vs_hostname = $hostname ? { false => 'none', default => $hostname }
+ $vs_interface = $interface ? { false => 'none', default => $interface }
+
+ case $vs_name { '': { fail ( "Cannot create VServer with empty name" ) } }
+
+ case $legacy {
+ true: {
+ exec { "/bin/false # cannot create legacy vserver ${vs_name}":
+ creates => "/etc/vservers/${vs_name}",
+ alias => "vserver_instance_${vs_name}"
+ }
+ }
+ false: {
+ exec { "/usr/local/bin/build_vserver \"${vs_name}\" ${context} ${distro} ${debootstrap_mirror} ${vs_hostname} ${vs_interface} ${memory_limit}":
+ creates => "/etc/vservers/${vs_name}",
+ require => File["/usr/local/bin/build_vserver","/etc/vservers/.defaults/vdirbase"],
+ alias => "vserver_instance_${vs_name}",
+ # TODO: change when this is fixed: http://projects.puppetlabs.com/issues/4769
+ timeout => $lsbdistcodename ? {
+ "squeeze" => '31536000', # 1 year
+ default => '-1', },
+ }
+ }
+ }
+
+ file { "/etc/vservers/${vs_name}/rlimits":
+ ensure => directory,
+ mode => 0755,
+ owner => root,
+ group => root,
+ require => Exec["vserver_instance_${vs_name}"],
+ }
+
+ case $memory_limit {
+ false: {
+ file { "/etc/vservers/${vs_name}/rlimits/rss.hard":
+ mode => 0644, owner => root, group => root,
+ ensure => absent,
+ }
+
+ file { "/etc/vservers/${vs_name}/rlimits/rss.soft":
+ mode => 0644, owner => root, group => root,
+ ensure => absent,
+ }
+
+ virtual::vserver::cflags { "${vs_name}-virt_mem":
+ vserver => $vs_name,
+ flag => "virt_mem",
+ ensure => absent,
+ }
+ }
+ default: {
+ file { "/etc/vservers/${vs_name}/rlimits/rss.hard":
+ mode => 0644,
+ owner => root,
+ group => root,
+ content => template("virtual/rss.hard.erb"),
+ require => File["/etc/vservers/${vs_name}/rlimits"],
+ }
+
+ file { "/etc/vservers/${vs_name}/rlimits/rss.soft":
+ mode => 0644,
+ owner => root,
+ group => root,
+ content => template("virtual/rss.soft.erb"),
+ require => File["/etc/vservers/${vs_name}/rlimits"],
+ }
+
+ vs_cflags { "${vs_name}-virt_mem":
+ vserver => $vs_name,
+ flag => "virt_mem",
+ ensure => present,
+ require => Exec["vserver_instance_${vs_name}"],
+ }
+ }
+ }
+}
+
diff --git a/manifests/vserver/interface.pp b/manifests/vserver/interface.pp
new file mode 100644
index 0000000..82a2c9c
--- /dev/null
+++ b/manifests/vserver/interface.pp
@@ -0,0 +1,46 @@
+# Changing stuff with this define won't do much good, since it relies on
+# restarting the vservers to do the work, which won't clean up orphaned
+# interfaces
+define virtual::vserver::interface($prefix = 24, $dev = '') {
+
+ file {
+ "/etc/vservers/local-interfaces/${name}":
+ ensure => directory,
+ mode => 0755,
+ owner => root,
+ group => root;
+ "/etc/vservers/local-interfaces/${name}/ip":
+ content => "${name}\n",
+ mode => 0644,
+ owner => root,
+ group => root;
+ "/etc/vservers/local-interfaces/${name}/prefix":
+ content => "${prefix}\n",
+ mode => 0644,
+ owner => root,
+ group => root;
+ }
+
+ case $dev {
+ '': {
+ file {
+ "/etc/vservers/local-interfaces/${name}/nodev":
+ ensure => present,
+ mode => 0644,
+ owner => root,
+ group => root;
+ "/etc/vservers/local-interfaces/${name}/dev":
+ ensure => absent;
+ }
+ }
+ default: {
+ config_file { "/etc/vservers/local-interfaces/${name}/dev":
+ content => $dev,
+ }
+
+ file { "/etc/vservers/local-interfaces/${name}/nodev":
+ ensure => absent,
+ }
+ }
+ }
+}
diff --git a/manifests/vserver/ip.pp b/manifests/vserver/ip.pp
new file mode 100644
index 0000000..5a0d206
--- /dev/null
+++ b/manifests/vserver/ip.pp
@@ -0,0 +1,9 @@
+define virtual::vserver::ip($vserver, $ip, $ensure) {
+ err("$fqdn is using deprecated vs_ip instead of vs_ip_binding for $name")
+
+ virtual::vserver::ip::binding { $name:
+ vserver => $vserver,
+ ip => $ip,
+ ensure => $ensure
+ }
+}
diff --git a/manifests/vserver/ip/binding.pp b/manifests/vserver/ip/binding.pp
new file mode 100644
index 0000000..2489b69
--- /dev/null
+++ b/manifests/vserver/ip/binding.pp
@@ -0,0 +1,19 @@
+define virtual::vserver::ip::binding($vserver, $ip, $ensure) {
+ case $ensure {
+ connected: {
+ file { "/etc/vservers/${vserver}/interfaces/${name}":
+ ensure => "/etc/vservers/local-interfaces/${ip}/",
+ require => [ File["/etc/vservers/local-interfaces/${ip}"], Exec["vserver_instance_${vserver}"] ],
+ notify => Exec["vs_restart_${vserver}"],
+ }
+ }
+ disconnected: {
+ file { "/etc/vservers/${vserver}/interfaces/${name}":
+ ensure => absent,
+ }
+ }
+ default: {
+ err( "${fqdn}: vs_ip: ${vserver} -> ${ip}: unknown ensure: '${ensure}'" )
+ }
+ }
+}
diff --git a/manifests/vserver/rlimit.pp b/manifests/vserver/rlimit.pp
new file mode 100644
index 0000000..0218359
--- /dev/null
+++ b/manifests/vserver/rlimit.pp
@@ -0,0 +1,48 @@
+define virtual::vserver::rlimit(
+ $vserver,
+ $limit,
+ $soft = '',
+ $hard = '',
+ $min = '',
+ $ensure = present
+) {
+ file { "/etc/vservers/${vserver}/rlimits/$limit.soft":
+ mode => 0644,
+ owner => root,
+ group => root,
+ content => "$soft\n",
+ ensure => $soft ? {
+ '' => absent,
+ default => $ensure,
+ },
+ require => File["/etc/vservers/${vserver}/rlimits"],
+ notify => Exec["vs_restart_${vserver}"],
+ }
+
+ file { "/etc/vservers/${vserver}/rlimits/$limit.hard":
+ mode => 0644,
+ owner => root,
+ group => root,
+ content => "$hard\n",
+ ensure => $hard ? {
+ '' => absent,
+ default => $ensure,
+ },
+ require => File["/etc/vservers/${vserver}/rlimits"],
+ notify => Exec["vs_restart_${vserver}"],
+ }
+
+ file { "/etc/vservers/${vserver}/rlimits/$limit.min":
+ mode => 0644,
+ owner => root,
+ group => root,
+ content => "$min\n",
+ ensure => $min? {
+ '' => absent,
+ default => $ensure,
+ },
+ require => File["/etc/vservers/${vserver}/rlimits"],
+ notify => Exec["vs_restart_${vserver}"],
+ }
+}
+
diff --git a/manifests/vserver/sched.pp b/manifests/vserver/sched.pp
new file mode 100644
index 0000000..b0d12bd
--- /dev/null
+++ b/manifests/vserver/sched.pp
@@ -0,0 +1,199 @@
+define virtual::vserver::sched(
+ $ensure = present,
+ $fill_rate = '',
+ $fill_rate2 = '',
+ $interval = '',
+ $interval2 = '',
+ $tokens_min = '',
+ $tokens_max = '',
+ $tokens = '',
+ $idle_time = false,
+ $priority_bias = ''
+) {
+
+ file { "/etc/vservers/${name}/sched":
+ ensure => directory,
+ owner => root,
+ group => root,
+ mode => 0755,
+ }
+
+ case $fill_rate {
+ '': {
+ file { "/etc/vservers/${name}/sched/fill-rate":
+ ensure => absent,
+ }
+ }
+ default: {
+ $set_fill_rate = "--fill-rate $fill_rate"
+
+ file { "/etc/vservers/${name}/sched/fill-rate":
+ ensure => $ensure,
+ content => "$fill_rate\n",
+ require => File["/etc/vservers/${name}/sched"],
+ }
+ }
+ }
+
+ case $fill_rate2 {
+ '': {
+ file { "/etc/vservers/${name}/sched/fill-rate2":
+ ensure => absent,
+ }
+ }
+ default: {
+ $set_fill_rate2 = "--fill-rate2 $fill_rate2"
+
+ file { "/etc/vservers/${name}/sched/fill-rate2":
+ ensure => $ensure,
+ content => "$fill_rate2\n",
+ require => File["/etc/vservers/${name}/sched"],
+ }
+ }
+ }
+
+ case $interval {
+ '': {
+ file { "/etc/vservers/${name}/sched/interval":
+ ensure => absent,
+ }
+ }
+ default: {
+ $set_interval = "--interval $interval"
+
+ file { "/etc/vservers/${name}/sched/interval":
+ ensure => $ensure,
+ content => "$interval\n",
+ require => File["/etc/vservers/${name}/sched"],
+ }
+ }
+ }
+
+ case $interval2 {
+ '': {
+ file { "/etc/vservers/${name}/sched/interval2":
+ ensure => absent,
+ }
+ }
+ default: {
+ $set_interval2 = "--interval2 $interval2"
+
+ file { "/etc/vservers/${name}/sched/interval2":
+ ensure => $ensure,
+ content => "$interval2\n",
+ require => File["/etc/vservers/${name}/sched"],
+ }
+ }
+ }
+
+ case $tokens_min {
+ '': {
+ file { "/etc/vservers/${name}/sched/tokens-min":
+ ensure => absent,
+ }
+ }
+ default: {
+ $set_tokens_min = "--tokens-min $tokens_min"
+
+ file { "/etc/vservers/${name}/sched/tokens-min":
+ ensure => $ensure,
+ content => "$tokens_min\n",
+ require => File["/etc/vservers/${name}/sched"],
+ }
+ }
+ }
+
+ case $tokens_max {
+ '': {
+ file { "/etc/vservers/${name}/sched/tokens-max":
+ ensure => absent,
+ }
+ }
+ default: {
+ $set_tokens_max = "--tokens-max $tokens_max"
+
+ file { "/etc/vservers/${name}/sched/tokens-max":
+ ensure => $ensure,
+ content => "$tokens_max\n",
+ require => File["/etc/vservers/${name}/sched"],
+ }
+ }
+ }
+
+ case $tokens {
+ '': {
+ file { "/etc/vservers/${name}/sched/tokens":
+ ensure => absent,
+ }
+ }
+ default: {
+ $set_tokens = "--tokens $tokens"
+
+ file { "/etc/vservers/${name}/sched/tokens":
+ ensure => $ensure,
+ content => "$tokens\n",
+ require => File["/etc/vservers/${name}/sched"],
+ }
+ }
+ }
+
+ case $priority_bias {
+ '': {
+ file { "/etc/vservers/${name}/sched/priority-bias":
+ ensure => absent,
+ }
+ }
+ default: {
+ $set_priority_bias = "--prio-bias $priority_bias"
+
+ file { "/etc/vservers/${name}/sched/priority-bias":
+ ensure => $ensure,
+ content => "$priority_bias\n",
+ require => File["/etc/vservers/${name}/sched"],
+ }
+ }
+ }
+
+ case $idle_time {
+ true: {
+ $set_idle_time = "--idle-time"
+
+ file { "/etc/vservers/${name}/sched/idle-time":
+ ensure => $ensure,
+ }
+ }
+ default: {
+ file { "/etc/vservers/${name}/sched/idle-time":
+ ensure => absent,
+ }
+ }
+ }
+
+ virtual::vserver::cflags { "${name}-sched_hard":
+ vserver => $name,
+ flag => "sched_hard",
+ ensure => $ensure,
+ }
+
+ virtual::vserver::cflags { "${name}-sched_prio":
+ vserver => $name,
+ flag => "sched_prio",
+ ensure => $ensure,
+ }
+
+ case $ensure {
+ present: {
+
+ $vsched_params = "$set_fill_rate $set_fill_rate2 $set_interval $set_interval2 $set_tokens_min $set_tokens_max $set_tokens $set_idle_time $set_priority_bias"
+
+ exec { "/usr/sbin/vsched --xid `cat /etc/vservers/$name/context` ${vsched_params} --force":
+ subscribe => File["/etc/vservers/$name/sched/fill-rate", "/etc/vservers/$name/sched/fill-rate2",
+ "/etc/vservers/$name/sched/interval", "/etc/vservers/$name/sched/interval2",
+ "/etc/vservers/$name/sched/tokens-min", "/etc/vservers/$name/sched/tokens-max",
+ "/etc/vservers/$name/sched/tokens", "/etc/vservers/$name/sched/idle-time"],
+ refreshonly => true,
+ require => Exec["vserver_instance_${name}"],
+ }
+ }
+ }
+}
diff --git a/manifests/xen.pp b/manifests/xen.pp
deleted file mode 100644
index 516a59c..0000000
--- a/manifests/xen.pp
+++ /dev/null
@@ -1,160 +0,0 @@
-# virtual/xen.pp -- XEN specifica
-# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
-# See LICENSE for the full license granted to you.
-
-class munin::plugins::xen {
- munin::remoteplugin {
- xen-multi:
- source => "puppet:///modules/virtual/munin/xen_mem",
- config => "user root",
- ensure => absent;
- xen_vm:
- source => "puppet:///modules/virtual/munin/xen_vm",
- config => "user root",
- ensure => absent;
- 'xen-multi':
- source => 'puppet:///modules/virtual/munin/xen-multi',
- config => 'user root';
- }
-}
-
-class xen::domain {
- case $operatingsystem {
- debian: { include xen::domain::debian }
- centos: { include xen::domain::centos }
- default: { include xen::domain::base }
- }
-}
-
-class xen::domain::base {
- service{ 'xend':
- ensure => running,
- enable => true,
- hasstatus => false,
- hasrestart => true,
- }
-
- case $xen_domains {
- '0': { info("No xen domains are running, so not configuring service xendomains") }
- default: {
- service{ 'xendomains':
- ensure => running,
- enable => true,
- hasstatus => true,
- }
- }
- }
-
- file{'/etc/xen/xend-config.sxp':
- source => [ "puppet:///modules/site_virtual/xen/config/${fqdn}/config/xend-config.sxp",
- "puppet:///modules/site_virtual/xen/config/${domain}/xend-config.sxp",
- "puppet:///modules/site_virtual/xen/config/${operatingsystem}/xend-config.sxp",
- "puppet:///modules/site_virtual/xen/config/${operatingsystem}/${lsbdistcodeename}/xend-config.sxp",
- "puppet:///modules/site_virtual/xen/config/xend-config.sxp",
- "puppet:///modules/virtual/xen/config/${operatingsystem}/xend-config.sxp",
- "puppet:///modules/virtual/xen/config/xend-config.sxp" ],
- notify => Service['xend'],
- owner => root, group => 0, mode => 0644;
- }
-}
-
-class xen::domain::centos inherits xen::domain::base {
- package{ 'kernel-xen':
- ensure => present,
- }
-
- Service[xend]{
- require => Package['kernel-xen'],
- }
-
- file{'/etc/sysconfig/xend':
- source => "puppet:///modules/virtual/xen/${operatingsystem}/sysconfig/xend",
- notify => Service['xend'],
- owner => root, group => 0, mode => 0644;
- }
-
- file{'/etc/sysconfig/xendomains':
- source => "puppet:///modules/virtual/xen/${operatingsystem}/sysconfig/xendomains",
- owner => root, group => 0, mode => 0644;
- }
-
- case $xen_domains {
- '0': { info("No xen domains are running, so not configuring service xendomains") }
- default: {
- Service[xendomains]{
- require => Package['kernel-xen'],
- }
- File['/etc/sysconfig/xendomains']{
- notify => Service[xendomains]
- }
- }
- }
-}
-
-class xen::domain::debian inherits xen::domain::base {
- case $lsbdistcodename {
- "lenny": {
- $xen_linux_system = $architecture ? {
- amd64 => "xen-linux-system-2.6.26-2-xen-amd64",
- i386 => "xen-linux-system-2.6.26-2-xen-686"
- }
- }
- "squeeze": {
- $xen_linux_system = $architecture ? {
- /(amd64|x86_64)/ => "xen-linux-system-2.6.32-5-xen-amd64",
- i386 => "xen-linux-system-2.6.32-5-xen-686"
- }
- }
- }
-
- package {
- "$xen_linux_system":
- ensure => present,
- alias => "xen-linux-system";
- }
-}
-
-
-class xen::dom0 inherits xen::domain {
- case $operatingsystem {
- debian: { include xen::dom0::debian }
- centos: { include xen::dom0::centos }
- default: { include xen::dom0::base }
- }
-}
-
-class xen::dom0::base {}
-
-class xen::dom0::centos inherits xen::dom0::base {
- package{ [ "xen", "xen-libs"]:
- ensure => present,
- }
-}
-
-class xen::dom0::debian inherits xen::dom0::base {
- $real_xen_lvm = $xen_lvm ? {
- '' => "vg_${hostname}0",
- default => $xen_lvm,
- }
- case $lsbdistcodename {
- lenny: {
- package {
- "xen-tools":
- ensure => "4.1-1~bpo50+1",
- }
- }
- squeeze: {
- package {
- "xen-tools":
- ensure => installed;
- }
- }
- }
-
- file {
- "/etc/xen-tools/xen-tools.conf":
- owner => root, group => 0, mode => 0644,
- content => template("site_virtual/xen/${operatingsystem}/${lsbdistcodename}/xen-tools.conf.erb"),
- require => Package['xen-tools'];
- }
-}
diff --git a/manifests/xen/dom0.pp b/manifests/xen/dom0.pp
new file mode 100644
index 0000000..2c51b56
--- /dev/null
+++ b/manifests/xen/dom0.pp
@@ -0,0 +1,7 @@
+class virtual::xen::dom0 inherits xen::domain {
+ case $operatingsystem {
+ debian: { include xen::dom0::debian }
+ centos: { include xen::dom0::centos }
+ default: { include xen::dom0::base }
+ }
+}
diff --git a/manifests/xen/dom0/base.pp b/manifests/xen/dom0/base.pp
new file mode 100644
index 0000000..85411cf
--- /dev/null
+++ b/manifests/xen/dom0/base.pp
@@ -0,0 +1 @@
+class virtual::xen::dom0::base {}
diff --git a/manifests/xen/dom0/centos.pp b/manifests/xen/dom0/centos.pp
new file mode 100644
index 0000000..f0fd14d
--- /dev/null
+++ b/manifests/xen/dom0/centos.pp
@@ -0,0 +1,5 @@
+class virtual::xen::dom0::centos inherits xen::dom0::base {
+ package{ [ "xen", "xen-libs"]:
+ ensure => present,
+ }
+}
diff --git a/manifests/xen/dom0/debian.pp b/manifests/xen/dom0/debian.pp
new file mode 100644
index 0000000..56ec52c
--- /dev/null
+++ b/manifests/xen/dom0/debian.pp
@@ -0,0 +1,27 @@
+class virtual::xen::dom0::debian inherits xen::dom0::base {
+ $real_xen_lvm = $xen_lvm ? {
+ '' => "vg_${hostname}0",
+ default => $xen_lvm,
+ }
+ case $lsbdistcodename {
+ lenny: {
+ package {
+ "xen-tools":
+ ensure => "4.1-1~bpo50+1",
+ }
+ }
+ squeeze: {
+ package {
+ "xen-tools":
+ ensure => installed;
+ }
+ }
+ }
+
+ file {
+ "/etc/xen-tools/xen-tools.conf":
+ owner => root, group => 0, mode => 0644,
+ content => template("site_virtual/xen/${operatingsystem}/${lsbdistcodename}/xen-tools.conf.erb"),
+ require => Package['xen-tools'];
+ }
+}
diff --git a/manifests/xen/domain.pp b/manifests/xen/domain.pp
new file mode 100644
index 0000000..30a0fdf
--- /dev/null
+++ b/manifests/xen/domain.pp
@@ -0,0 +1,12 @@
+# XEN specifica
+# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
+# See LICENSE for the full license granted to you.
+class virtual::xen::domain {
+ include virtual
+
+ case $operatingsystem {
+ debian: { include xen::domain::debian }
+ centos: { include xen::domain::centos }
+ default: { include xen::domain::base }
+ }
+}
diff --git a/manifests/xen/domain/base.pp b/manifests/xen/domain/base.pp
new file mode 100644
index 0000000..c77becb
--- /dev/null
+++ b/manifests/xen/domain/base.pp
@@ -0,0 +1,31 @@
+class virtual::xen::domain::base {
+ service{ 'xend':
+ ensure => running,
+ enable => true,
+ hasstatus => false,
+ hasrestart => true,
+ }
+
+ case $xen_domains {
+ '0': { info("No xen domains are running, so not configuring service xendomains") }
+ default: {
+ service{ 'xendomains':
+ ensure => running,
+ enable => true,
+ hasstatus => true,
+ }
+ }
+ }
+
+ file{'/etc/xen/xend-config.sxp':
+ source => [ "puppet:///modules/site_virtual/xen/config/${fqdn}/config/xend-config.sxp",
+ "puppet:///modules/site_virtual/xen/config/${domain}/xend-config.sxp",
+ "puppet:///modules/site_virtual/xen/config/${operatingsystem}/xend-config.sxp",
+ "puppet:///modules/site_virtual/xen/config/${operatingsystem}/${lsbdistcodeename}/xend-config.sxp",
+ "puppet:///modules/site_virtual/xen/config/xend-config.sxp",
+ "puppet:///modules/virtual/xen/config/${operatingsystem}/xend-config.sxp",
+ "puppet:///modules/virtual/xen/config/xend-config.sxp" ],
+ notify => Service['xend'],
+ owner => root, group => 0, mode => 0644;
+ }
+}
diff --git a/manifests/xen/domain/centos.pp b/manifests/xen/domain/centos.pp
new file mode 100644
index 0000000..bd01338
--- /dev/null
+++ b/manifests/xen/domain/centos.pp
@@ -0,0 +1,32 @@
+class virtual::xen::domain::centos inherits xen::domain::base {
+ package{ 'kernel-xen':
+ ensure => present,
+ }
+
+ Service[xend]{
+ require => Package['kernel-xen'],
+ }
+
+ file{'/etc/sysconfig/xend':
+ source => "puppet:///modules/virtual/xen/${operatingsystem}/sysconfig/xend",
+ notify => Service['xend'],
+ owner => root, group => 0, mode => 0644;
+ }
+
+ file{'/etc/sysconfig/xendomains':
+ source => "puppet:///modules/virtual/xen/${operatingsystem}/sysconfig/xendomains",
+ owner => root, group => 0, mode => 0644;
+ }
+
+ case $xen_domains {
+ '0': { info("No xen domains are running, so not configuring service xendomains") }
+ default: {
+ Service[xendomains]{
+ require => Package['kernel-xen'],
+ }
+ File['/etc/sysconfig/xendomains']{
+ notify => Service[xendomains]
+ }
+ }
+ }
+}
diff --git a/manifests/xen/domain/debian.pp b/manifests/xen/domain/debian.pp
new file mode 100644
index 0000000..8c916c8
--- /dev/null
+++ b/manifests/xen/domain/debian.pp
@@ -0,0 +1,22 @@
+class virtual::xen::domain::debian inherits xen::domain::base {
+ case $lsbdistcodename {
+ "lenny": {
+ $xen_linux_system = $architecture ? {
+ amd64 => "xen-linux-system-2.6.26-2-xen-amd64",
+ i386 => "xen-linux-system-2.6.26-2-xen-686"
+ }
+ }
+ "squeeze": {
+ $xen_linux_system = $architecture ? {
+ /(amd64|x86_64)/ => "xen-linux-system-2.6.32-5-xen-amd64",
+ i386 => "xen-linux-system-2.6.32-5-xen-686"
+ }
+ }
+ }
+
+ package {
+ "$xen_linux_system":
+ ensure => present,
+ alias => "xen-linux-system";
+ }
+}
diff --git a/manifests/xen/munin/plugins.pp b/manifests/xen/munin/plugins.pp
new file mode 100644
index 0000000..00982ce
--- /dev/null
+++ b/manifests/xen/munin/plugins.pp
@@ -0,0 +1,15 @@
+class virtual::xen::munin::plugins {
+ munin::remoteplugin {
+ xen-multi:
+ source => "puppet:///modules/virtual/munin/xen_mem",
+ config => "user root",
+ ensure => absent;
+ xen_vm:
+ source => "puppet:///modules/virtual/munin/xen_vm",
+ config => "user root",
+ ensure => absent;
+ 'xen-multi':
+ source => 'puppet:///modules/virtual/munin/xen-multi',
+ config => 'user root';
+ }
+}